“Starting October, Chrome will show a “NOT SECURE” warning when users enter text in a form on HTTP pages.” That was an e-mail recently sent out by Google. If you’ve ever bought anything online, checked your bank accounts through the app, or logged on to your favorite social media network, you’ve used a technology called SSL/TLS. Meet the S in HTTPS.
Decryption of traffic encrypted by Transport Layer Security is still a controversial topic. TLS, which has succeeded the deprecated Secure Sockets Layer as the acceptable standard technology for HTTPS and encrypted email, is crucial for ensuring that messages are not subject to prying eyes. In recent years, its importance has only increased in the wake of revelations about the extent of government surveillance worldwide, as well as the emergence of game-changing exploits such as Heartbleed. The latter made it crucial for everyone from hosting providers to e-commerce merchants to move to at least TLS 1.1 (but preferably TLS 1.2). Continue reading
Proper encryption is seen by many as the linchpin to the Internet’s current and future success. Everything from online banking to private email correspondence needs to be kept out of the hands of cyber criminals, and as such encryption methods were implemented into many of the world’s modern data transfer systems. However, it would appear that HTTPS encryption has a vulnerability that could quickly get out of hand if it isn’t nipped in the bud. Continue reading