SUBSCRIBE
105
0
Security

How secure is SSL?

Howard Solomon

One of the fallouts from the leaks by former NSA consultant Edward Snowden is that people are paying more attention now to what data intelligence agencies are collecting.

In the wake of a report last month from The Guardian that the NSA can keep encrypted information indefinitely comes a blog from Internet security firm Netcraft that SSL, one of the oldest security protocols, isn’t safe any more. Instead organizations should turn to PFS – perfect forward secrecy – for better encryption

Serdar Yegulalp of Network Computing interviewed a software engineer who adds some extra context. The link is below.
(Image from Shutterstock)

Some background: SSL – short for security sockets layer, and more recently called TLS – is used by browsers to protect passwords, credit card details and personal information. You’ll find it enabled when the browser URL reads “https”. But, argues Netcraft, if SSL’s private key is cracked or made available through a court order, then all of a Web site’s traffic can be decrypted at once.

 PFS, used in conjunction with SSL, makes that very difficult because it generates a temporary key. If you follow along, Yegulalp’s engineer agrees that SSL works best with PFS enabled.

Web site administrators will find this informative.

Read the whole story here.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
Previous article
Many SSL connections lack added protection?
Next article
Motorola hints at new way to make a smart phone

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...
Read more

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...
Read more

Related Tech News

Tech Jobs

Subscribe to our Newsletter

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

SUBSCRIBE

Tech Companies Hiring Right Now

Popular Stories This Week

ITWC Network

Follow Us

©

2024

IT World Canada. All Rights Reserved.

SUBSCRIBE