NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] No easy way to stop BREACH from plucking secrets from HTTPS pages, feds say


No easy way to stop BREACH from plucking secrets from HTTPS pages, feds say

http://j.mp/19CjiCc  (ars technica)

   "Less than 24 hours after researchers disclosed a new attack that can
    pluck secrets from webpages protected by the widely used HTTPS
    encryption scheme, the US Department of Homeland Security is advising
    website operators to investigate whether they're susceptible.  As Ars
    reported Thursday, an exploit dubbed BREACH-short for Browser
    Reconnaissance and Exfiltration via Adaptive Compression of
    Hypertext-can decode e-mail addresses, certain types of security
    tokens, and other secrets from encrypted webpages, often in as little
    as 30 seconds."

 - - -

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein 
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad