TLS posts - Security

November 5, 2009 8:50 AM PST

Zero-day flaw found in Web encryption

by Tom Espiner

16 comments

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt Web pages, has been made public.

Security researchers Marsh Ray and Steve Dispensa unveiled the TLS (Transport Layer Security) flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its predecessor, SSL (Secure Sockets Layer), are typically used by online retailers and banks to provide security for Web transactions.

Ray, who works with Dispensa at two-factor authentication company PhoneFactor, explained in a blog post this week that he had initially discovered the flaw in August and demonstrated a working exploit to Dispensa at the beginning of September.

Read more of "Zero-day flaw found in web encryption" at ZDNet UK.

Topics:: Vulnerabilities and attacks

Tags:: zero-day flaw,; encryption,; TLS,; SSL

Share:: Digg; Del.icio.us; Reddit; Facebook; Twitter

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

Most Discussed

Inside CNET News

Scroll Left Scroll Right

Software, Interrupted
Open-source acquisitions: What's the holdup?
Acquisitions of open-source companies have garnered huge multiples but haven't rounded out many product portfolios. Exit plans are hazy for most open-source start-ups.
Gallery
NASA trains WISE eye on the sky (photos)
Technically Incorrect
Woman arrested after visiting with WoW teen
Canadian boy leaves home to see 42-year-old woman whom he met on World of Warcraft. No Canadian laws were broken, but she's arrested back home in Texas.
2010 CES
Ray Kurzweil tries to build a better e-reader
The computing pioneer is at CES showing off his Blio software that combines digital books with video, audio and Web content.
Video
Highlights from the Microsoft keynote
Media Maverick
Viacom, YouTube inch towards courtroom showdown
Viacom's $1 billion copyright suit against Google's YouTube is closing in on resolution. Both parties are preparing to ask judge to skip a trial and rule in their favor.
Video
Floor-cleaning robot gets those tight spots
The Social
Pingdom: Facebook is killing it on page views
A report from the traffic firm suggests that the social network has 11 times as many page views as its closest competitor, MySpace.
Cutting Edge
Starry, starry 'first light' from NASA's WISE mission
The new Wide-field Infrared Survey Explorer kicks off its mission to scan and capture a view of the entire sky with a look at the constellation Carina.
Gallery
Navteq laser vision's view of the world (images)
2010 CES
Hands-on with the Boxee Box
CNET gets up and close and personal with the Boxee Box by D-Link.
Planetary Gear
Auto industry focused on hybrids, survey says
R&D spending for hybrid and alternative fuel car technology to increase as automakers rush to give consumers what they want, according to KPMG research.