Big Changes For Yahoo-Hosted Email
Dec 5,
2017
Frontier has been sending messages to its customers saying that the company has noticed their use of “a lower security sign-in that is sometimes used in third-party mail applications such as Outlook, IncrediMail, MacMail, Mozilla Thunderbird and others.” The message is somewhat vague and misleading. It gives the impression that these “third-party” tools don’t encrypt […]
Keep Your Certificates Up To Date
Nov 3,
2017
Someone from a major aerospace manufacturer asked me for some cybersecurity assistance a few months ago. A security audit had resulted in a worrying but mystifying warning about SSL certificates. Their secure web site would cease functioning in just a few days. We fixed that, but similar deadlines are approaching over the next two years […]
The Internet Has Serious Trust Problems, Part 4: Trouble in Turkey, Carefully Corrected
May 5,
2014
Last week, the week before, and the week before that, I explained how the cryptographic side of digital certificates and secure web site identity works, and how there have been some continuing problems with what many see as misbehavior by root CAs. We introduce the technical side in in Learning Tree’s System and Network Security […]
The Internet Has Serious Trust Problems, Part 3: Subordinate CA Certificates Lead to Policy Changes
Apr 28,
2014
Last week and the week before I explained how the cryptographic side of digital certificates and secure web site identity works, as we discuss in in Learning Tree’s System and Network Security Introduction course, but there are continuing problems with corporate trust caused by what many see as misbehavior by root CAs.. ANSSI was discovered […]
The Internet Has Serious Trust Problems
Apr 14,
2014
In Learning Tree’s System and Network Security Introduction course we talk about how digital signatures work, and how they are used to create x509.v3 digital certificates, which in turn are used to secure your connections to web servers. The connections are secured in two ways. First, by verifying the identity of the server to which […]