Fraudsters Use Padlocks, Too: More on Certificate Use and Abuse
A couple of months I wrote here about HTTPS and website security from a user standpoint. I need to add to that because bad guys can also use the digital certificates that make browsers show green padlocks or avoid notices about unencrypted sites. The issue here is that the certificate that lets a site use […]
HTTPS Secures Site Traffic From Eavesdropping, But Who Can We Trust?
Encrypting data is essential in helping ensure its confidentiality. October is National Cybersecurity Awareness Month in the US and the theme for the third week is “It’s Everyone’s Job to Ensure Online Safety at Work”. We all use encryption when we surf the web, but it is not as simple as it might seem, and […]
Let’s Encrypt- What you Need to Know About the EFF’s Initiative
If you’ve been reading this blog for even a little while you might think I am obsessed with encryption and authentication (especially passwords). You’d probably be right, even though I am not under the illusion that either is any type of panacea. You’d probably guess that I’d be excited that the Electronic Frontier Foundation (EFF) […]