Welcome to WebmasterWorld Guest from 100.24.122.228

Forum Moderators: open

5pct of Web's Top 10,000 Sites Had Exploitable TLS Vulnerabilities

     
12:46 pm on Mar 29, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26375
votes: 1036


According to a new report from researchers at Ca' Foscari University of Venice in Italy and Tu Wien in Austria, 5% of the web's top 10,000 sites had exploitable TLS vulnerabilities. The top 10,000 HTTPS sites is based upon Alexa's stats.

These flaws were caused by a combination of issues in how sites implemented TLS encryption schemes and failures to patch known bugs, (of which there are many) in TLS and its predecessor, Secure Sockets Layer. But the worst thing about these flaws is they are subtle enough that the green padlock will still appear.


[wired.com...]
4:41 pm on Mar 30, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts: 3006
votes: 207


But the worst thing about these flaws is they are subtle enough that the green padlock will still appear.


Maybe because the definition of security they are (implicitly) using is "the green padlock appears". TO be honest I usually think "job done" at that point/