A novel encryption bug has surfaced recently, which could pose a threat to online privacy. Dubbed “LogJam,” the bug occurs in the TSL (the Transport Security Layer), an encryption protocol used to authenticate servers and conceal the contents of secure web activity (like your bank login). The bug allows a man-in-the-middle attacker to force your browser, and the server it’s connected to, to use a weak form of encryption which is vulnerable to brute-force attacks. This is related to the ‘FREAK’ vulnerability discovered and patched earlier this year. These bugs come on the heels of more catastrophic security issues like Heartbleed...
Read the full article: 20 Year Old Bug Breaks Internet Encryption: How To Tell if Your Browser is Affected
from MakeUseOf http://ift.tt/1dpDig6
via IFTTT
No comments:
Post a Comment