- home
- reviews
- news
- downloads
- cnet tv
On MovieTome: Why you didn't see Shatner in TREK
- log in
- join CNET
- welcome,
- my profile
- log out

Security

Read all 'TLS' posts in Security

November 5, 2009 8:50 AM PST

Zero-day flaw found in Web encryption

by Tom Espiner

16 comments

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt Web pages, has been made public.

Security researchers Marsh Ray and Steve Dispensa unveiled the TLS (Transport Layer Security) flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its predecessor, SSL (Secure Sockets Layer), are typically used by online retailers and banks to provide security for Web transactions.

Ray, who works with Dispensa at two-factor authentication company PhoneFactor, explained in a blog post this week that he had initially discovered the flaw in August and demonstrated a working exploit to Dispensa at the beginning of September.

Read more of "Zero-day flaw found in web encryption" at ZDNet UK.

Topics:: Vulnerabilities and attacks

Tags:: zero-day flaw,; encryption,; TLS,; SSL

Share:: Digg; Del.icio.us; Reddit; Facebook

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

Most Discussed

Inside CNET News

Scroll Left Scroll Right

Business Tech
Sun takes big fall in server market
Sun Microsystems clocks lowest revenue and shipment among global top 5 server vendors for third quarter of 2009, says Gartner.
Gallery
Energy displays bring the smart grid home (photos)
Apple
Psystar said to have deal with Apple
Details are sketchy and there's no confirmation from Apple, but Psystar claims in a filing that a partial settlement has been reached in the copyright infringement case, according to reports.
Beyond Binary
Using tunes to tout Windows 7
Microsoft launches the Section 7 site in conjunction with Live Nation, offering discount concert tickets and gear.
Video
A window into the Microsoft Store
Web Crawler
Comcast beta launches bandwidth meter
Comcast's long-awaited bandwidth meter is finally here, though it will be limited to those in the Portland, Ore., area.
Video
Google Chrome OS demonstration
The Social
This year, you can stalk Santa from your car
A partnership with OnStar means that the North American Aerospace Defense Command's annual Santa Claus tracker will now show up in some in-car GPS systems.
Crave
Coming soon: Recyclable mannequin robots
Osaka-based Eager Co. is developing corrugated cardboard mannequin robots for that can gracefully display clothing in retail displays.
Gallery
Digital cloud set to hover above 2012 Olympics (photos)
Crave
Red Scarlet 2/3 specifications, price revealed
Now you don't have to fork out so much for a Red system. The company has just announced the availability of the Scarlet 2/3, an affordable 3k-resolution video camera.
Green Tech
Smart grid potential gated by broadband
The intersection of broadband and energy can lead to efficiency and technology innovation. What's needed is wider access, standards, and right regulations, say execs and officials at an FCC hearing.