SSL News

Who is using the latest web browser?

July 20, 2008

New research paper shows that as of June 2008, only 59.1% percent of Internet users worldwide use the latest major version of their preferred web browser. How does using the latest browser affect your online security?

Google Releases Web Application Security Tool ratproxy

July 6, 2008

Google has released a web application security tool to find potential vulnerabilities in your web applications.

SSL Added to Pirate Bay

July 6, 2008

In order to combat new Swedish wiretaps, Pirate is adding SSL to the site.

When are self-signed certificates acceptable?

July 1, 2008

This question was posted on Slashdot and it solicited many different responses. A lot of people are confused about the purpose of SSL certificates.

Low-tech SSL certificate maintenance

June 30, 2008

Edd Dumbill posted a short article on how to do some SSL certificate maintenance when you are using your own certificate authority.

Firefox 3 Released with EV Support

June 17, 2008

The new version of Firefox, Firefox 3, was released today. High on its list of important new features is its support for EV SSL certificates and other security features.

Detect Bad Debian OpenSSL Certificates Using Firefox

June 1, 2008

Márton Anka has created a Firefox extension that can recognize when a web site you are using has an SSL Certificate created using a flawed version of Debian's OpenSSL.

Lessons Learned from Debian's OpenSSL Flaw

May 26, 2008

Russ Cox has posted about the recent flaw that was found in Debian's version of OpenSSL and what programmers can learn from it.

XSS vulnerability found on PayPal

May 18, 2008

An XSS vulnerability has been discovered on a PayPal page that could enable attackers to make a fake page that steals users' personal information. EV Certificates are speculated to make the problem worse.

Woops! Debian's OpenSSL Security Flaw

May 18, 2008

Debian Linux has been revealed to have a major security flaw. The distribution changed its OpenSSL code and inadvertently made private keys easily crackable.