WhatsApp, a massively popular messaging app, recently added end-to-end encryption for some mobile clients, a move that brings a high level of security to millions of users. The change is the result of a partnership with Open Whisper Systems, the secure text and mobile OS company started by security researcher Moxie Marlinspike. Twitter acquired Open […]
Tag Archives: Encryption
EFF Calls Out ISPs Modifying STARTTLS Encryption Commands
The Electronic Frontier Foundation has backed VPN provider Golden Frog’s FCC filing that accuses ISPs of stripping out STARTTLS instructions from email messages.
EFF, Snowden Dispute FBI Claims on Device Encryption
The FBI has long said that the use of strong encryption software hampers the bureau’s investigations and makes life easier for criminals. Current FBI Director James Comey continued this line of reasoning in a speech on Oct. 17, saying that the use of crypto could lead the country to a dark place, and the EFF […]
Mobile Device Encryption Could Lead to a ‘Very, Very Dark Place’, FBI Director Says
FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law […]
“Poodle†security hole has a nasty bite
“Poodle” bites on open WiFi networks with multiple users.
A security hole called Poodle could allow hackers to take over your banking and social media accounts.
Yesterday, Google researchers announced the discovery of a security bug in version 3 of the Secure Sockets Layer protocol (SSLv3). This web technology is used to encrypt traffic between a browser and a web site, and can give hackers access to email, banking, social accounts and other services.
Poodle bites multiple users in unsecure open WiFi networks, like the ones you use at coffee shops, cafes, hotels, and airports.
“To exploit the vulnerability, you must be running javascript, and the attacker has to be on the same network as you—for example, on the same Starbucks Wi-Fi network you’re using,†explained Kim Zetter in a WIRED article.
Avast experts strongly recommend that our users protect themselves when using free WiFi with avast! SecureLine VPN.
Poodle is not considered as serious a threat as this past spring’s Heartbleed bug which took advantage of a vulnerability in OpenSSL, and or last month’s Shellshock bug in Unix Bash software.
SSLv3 is an outdated standard (it’s a decade and a half old), but some browsers, like Internet Explorer 6, and older operating systems, like Windows XP, only use the SSLv3 encryption method. Google’s security team recommends that systems administrators turn off support for SSLv3 to avoid the problem, but warns that this change will break some sites.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Browser Vendors Move to Disable SSLv3 in Wake of POODLE Attack
With details of the new POODLE attack on SSLv3 now public, browser vendors are in the process of planning how they’re going to address the issue in their products in a way that doesn’t break the Internet for millions of users but still provides protection. The attack, which was disclosed by a trio of Google […]
CloudFlare Rolls Out Free SSL
In a move that will essentially double the number of SSL-protected sites on the Web in the space of 24 hours, CloudFlare on Monday said that it was enabling SSL for all of its more than two million customers for free. The new service is called Universal SSL, and the company is making it available […]