Announcement

Collapse
No announcement yet.

Another HTTPS Vulnerability Rattles The Internet

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    Another HTTPS Vulnerability Rattles The Internet

    Phoronix: Another HTTPS Vulnerability Rattles The Internet

    Another HTTPS vulnerability has started to make its rounds earlier this morning. Dubbed Logjam by its researchers, the vulnerability stems from the US's encryption export mandate back in the 1990s. This particular vulnerability, in the transport-layer security layer protocol, breaks the Diffie-Hellman perfect forward-secrecy. Susceptibility to the vulnerability is depended on servers and clients supporting the DHE_EXPORT encryption scheme, or using a key less-than-or-equal to 1024 bits...

    Another HTTPS Vulnerability Rattles The Internet - Phoronix
    http://www.phoronix.com/scan.php?page=news_item&px=HTTPS-Logjam-Vulnerability
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Say it with me now: The Internet is not secure. The Internet is not secure. The Internet is not secure.

    Get it yet?

    Comment

    • #3
      US law about SSL vulnerability *
      anybody dumb enough to follow the law when it comes to security deserves it

      Comment

      • #4
        Originally posted by gamerk2 View Post
        Say it with me now: The Internet is not secure. The Internet is not secure. The Internet is not secure.

        Get it yet?

        Nothing is 100% secure. Nothing.

        Comment

        • #5
          Originally posted by gens View Post
          US law about SSL vulnerability *
          anybody dumb enough to follow the law when it comes to security deserves it
          *Because it's not dumber for a business to break the law*

          Oh wait it is. Then what?

          Comment

          • #6
            Originally posted by erendorn View Post

            *Because it's not dumber for a business to break the law*

            Oh wait it is. Then what?
            if they try to enforce their idiocy on you, that they probably won't
            then you sue the government for trying to make your business vulnerable to almost every country or big company in the world

            it is your right as an 'merican to sue anybody for anything
            Last edited by gens; 20 May 2015, 12:30 PM.

            Comment

            • #7
              Haha, so ATM IE is the only invulnerable browser against Logjam? How ironic is that, especially on Phoronix lol.

              Comment

              • #8
                The researchers were coordinating with Mozilla, Google, Apple and Microsoft before the press-release today. Microsoft was just the first one to get a patch out. As I said in the article: Patches for Chrome, Firefox and Safari are supposed to be coming in the next few days.
                All opinions are my own not those of my employer if you know who they are.

                Comment

                • #9
                  Originally posted by erendorn View Post

                  *Because it's not dumber for a business to break the law*

                  Oh wait it is. Then what?

                  It's a violation of your civil rights under federal law for any government agency or representative to require you to do ANYTHING that you're unable to do.

                  See Title 42, Section 1983 of the United States Code.

                  Also, 1985 USC, subsection 3 allows individuals to sue government officials in their individual capacity for civil rights violations. This means government employers aren't liable to pay for defense.

                  These suits are commonly known as "1983 actions" and any government employee at any level lives in mortal fear of them!

                  Living in a litigious society actually has its advantages!

                  Comment

                  • #10
                    Originally posted by Thpn View Post


                    It's a violation of your civil rights under federal law for any government agency or representative to require you to do ANYTHING that you're unable to do.

                    See Title 42, Section 1983 of the United States Code.

                    Also, 1985 USC, subsection 3 allows individuals to sue government officials in their individual capacity for civil rights violations. This means government employers aren't liable to pay for defense.

                    These suits are commonly known as "1983 actions" and any government employee at any level lives in mortal fear of them!

                    Living in a litigious society actually has its advantages!
                    It's ironic when institution which is supposed to protect your rights breaks them with impunity. Who is supposed to protect your from your protector?

                    Comment

                    Previous 1 2 template Next
                    Working...
                    X