A Web encryption vulnerability opens ‘encrypted’ data to hackers

**NewsCopy** · October 14th, 2014, 06:30 pm

Turns out that_the_Secure Sockets Layer (SSL) encryption we’ve relied on for secure communication on the Internet has a vulnerability. Today Google researchers announced (PDF link) that they have found a bug in the SSL 3.0 protocol. The exploit could be used to intercept critical data that’s supposed to be encrypted between clients and servers. The exploit first allows attackers to initiate a “downgrade dance” that tells the client that the server doesn’t support the more secure TLS (Transport Layer Security) protocol and forces it to connect via SSL 3.0. From there a man-in-the-middle attack can decrypt secure HTTP cookies. Google...
This story continues at The Next Web
The post A Web encryption vulnerability opens ‘encrypted’ data to hackers appeared first on The Next Web.

-->

Thread: A Web encryption vulnerability opens ‘encrypted’ data to hackers

Thread Tools

Search Thread

Rate This Thread

A Web encryption vulnerability opens ‘encrypted’ data to hackers

Thread Information

Users Browsing this Thread

Similar Threads

Yahoo strengthens encryption between data centers, says encrypted Yahoo messenger coming soon

Researcher demonstrates how hackers can exploit a Snapchat vulnerability to remotely crash iPho

More Woes For Snapchat: Vulnerability Allows Hackers To Launch Spam And DDoS Attacks On Snapcha

Target Confirms Encrypted PIN Data Was Stolen In Data Breach

Hackers breach vBulletin support forum using zero-day vulnerability

Posting Permissions