Tuesday, January 12, 2010

A Major Flaw in SSL

The EITF has taken steps to correct a major flaw in SSL, the security protocol that is used for most web based transactions, but the fix won't be effective for a year or more. That means there is an exposure to watch out for. While the exposure has existed for some time, now it has been publicized and that of course increases the possibility of it being used. On the positive side, exploitation of the bug requires a good deal of technical sophistication, which may be beyond the means of the average hacker. More is explained in this article.

No comments: