Follow by Email

Friday, April 27, 2012

You thought you're safe in an https site? Think again

Research published by the Trustworthy Internet Movement, a nonprofit organization dealing with security on the Internet, reveals that 90 percent of the top 200 000 websites with https protection is vulnerable to attack SSL (Secure Sockets Layer). The data derived from a new project called SSL Pulse using an automated scanning technology to analyze the security of https sites located on the first list of the company analyzes Alexa.

The project uses an algorithm to rank websites for security they provide and the protocols they use. Most sites were able to score a good score but only ten percent were truly safe. The rest were found to be vulnerable to an attack known as BEAST (Browser Exploit Against SSL / TLS) is used to decrypt tokens and cookies from certification requests HTTPS.

The vulnerability corrected in version 1.1 of the Protocol TLS servers but many still continue to support older protocols such as SSL 3.0, for compatibility with previous generations. "For the average website, which has significant potential value, the risk is very small. But for pages that have large numbers of users and important risk is too great. "

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes |
Related Posts Plugin for WordPress, Blogger...