<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcsuuvfw300000gkyg9tnx0uc_3f7v/njs.gif?dcsuri=/index.php/c/a/Security/Black-Hat-2010-10-Security-Hotspots-for-CIOs-to-Watch-568046/8&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.cioinsight.com&amp;WT.qs_dlk=XGyYyeF8ngi4OPb0UJDY4QAAAAU&amp;">

SSL and HTTPS: Not So Strong?

By Sean Martin  |  Posted 08-10-2010 Print

The research community at large is calling for serious changes to the SSL and HTTPS protocols that securely connect our systems and transmit our sensitive data. In particular, most of us fall into a false sense of security when using HTTPS/SSL. For example, did you know that the US government has a technique that allows it to read SSL-encrypted traffic? Another example of insecure protocols involves hackers exploiting certificate-warning mechanisms to trick a user into accepting a bad certificate, which then causes his or her credentials to be stolen. Can we really rely on HTTP/SSL as failsafe and completely secure protocol set?


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.