Https
communications
-----------------------------
Another
cyber-attack, this time was about https. We've used this protocol in financial
transactions. Even though it wasn't easy to exploit the vulnerability as the
article mentioned, it was not fun if our data released or stolen.
In another article, they said that US government didn't want to export
strongest encryption method. It's fine, but Canada should come up with better
encryption than the "free and weak" encryption out there for Canadians.
Btw, "The exploit has affected U.S. government websites such as NSA.gov,
FBI.gov and Whitehouse.gov." So USA was not excluded.
Source: http://business.financialpost.com/2015/03/11/dont-freak-out-over-latest-internet-security-scare/?__lsa=443b-5716
-----
2015-03-18 We're not confirming that hackers out there didn't have a master key
for https. It seems to me that all available encryptions had at least a master
key to decode all encrypted messages.
No comments:
Post a Comment