Pierluigi Paganini
October 24, 2015
Now that it is known a critical flaw in the Diffie-Hellman key-exchange protocol was exploited by the NSA to break the internet encryption, how to stop it? Recently a group of researchers has revealed how the NSA has cracked HTTPS, SSH, and VPNs rely on the Diffie-Hellman encryption by exploiting a wrong implementation of the cryptographic algorithm. The […]
Pierluigi Paganini
September 09, 2015
A number of recent discoveries suggest as more HTTPs websites, chat applicationss, and other services online are actualizing perfect forward secrecy. As per a Red Hat (a Linux distributor) security specialist, system equipment sold by few makers neglected to appropriately execute a broadly utilized cryptographic standard, an information releasing weakness that can permit spammers to […]
Pierluigi Paganini
July 16, 2015
The newest RC4 attack is a nightmare for certain HTTPS implementations, almost a third of the world’s encrypted Web connections can be cracked. We have written several times about RC4 encryption that has been accused of being a Cryptographic disaster, now two Belgian security researchers from the University of Leuven did another discovery that highlights […]
Pierluigi Paganini
May 03, 2015
The Mozilla Foundation is starting the operations to phase the HTTP connections in the Firefox browser according to “encrypt the Web” movement. According to roadmap defined by the Mozilla Foundation, the organization has started the process to move toward full HTTPS enforcement in Firefox browser In November 2014 the Electronic Frontier Foundation (EFF) and other firms, […]
Pierluigi Paganini
April 21, 2015
Google is improving its services, last decision it related to the Ads, the company takes a step towards by deployeng âHTTPS Everywhereâ. Another good step, coming from google involving encryption. As you may remember Google started to encrypt back in 2008, when Gmail started to use HTTPS. Since 2008, Google has done a remarkable work […]
Pierluigi Paganini
September 29, 2014
The SHA-1 cryptographic hash algorithm has been known vulnerable, Collision attacks against it are too affordable and attacks will get cheaper soon. Many websites today are using digital certificates signed using algorithms based on the hash algorithm called SHA-1. Hashing algorithms are used to ensure the integrity of the certificate in the signing processes, a flawed […]
Pierluigi Paganini
September 10, 2014
According to the investigation conducted by experts at TrendMicro the number of HTTPS phishing sites is increasing and it will double by the end of 2014. Google considers security a top priority for this reason the company is starting to use HTTPS as a ranking signal. The scope is to encourage the adoption of HTTPS, but the […]
Pierluigi Paganini
June 19, 2014
Security experts at Zimperium firm revealed that LinkedIn users could be potentially vulnerable to Man-in-the-Middle attacks leveraging an SSL stripping. A new research is scaring users of LinkedIn revealing that they could be potentially vulnerable to Man-in-the-Middle (MITM) attacks leveraging an SSL stripping. Despite the US security firm Zimperium reported the problem to LinkedIn more than a […]
Pierluigi Paganini
March 21, 2014
Google has announced to have adopted encrypt mechanisms for all Gmail connections to reply to the increasing demand of privacy of Internet users. Google decided to encrypt all Gmail connections to reply to the increasing demand of privacy of Internet users, all the links between its data centers will be encrypted. The surveillance programs disclosed by documents leaked […]
Pierluigi Paganini
May 25, 2013
German researchers revealed that Microsoft is able to intercept Skype conversation for security reason. Which are risks to the users’ privacy? Microsoft intercept Skype conversations, the topic is at the center of a heated discussion. Before Microsoft acquisition the popular VOIP application was considered very secure and wiretap-proof, it was officially recognized that was impossible […]
Data Breach / November 21, 2024
