Your time is Your Life-Your Life is Your Wealth


OpenSSL, a technology that’s widely used to encrypt web sessions, has another major vulnerability. It’s not quite as severe as the Heartbleed flaw that got everyone so panicky a couple months back, but it’s serious enough to warrant some urgent patching and it could particularly affect Android(s goog) users.

The new flaw was revealed by the OpenSSL Foundation on Thursday after it was tipped off by researcher Masashi Kikuchi of Japanese security firm Lepidum. It allows so-called man-in-the-middle (MITM) attacks – in other words, if someone can get in between the user and the supposedly secure web service that person is trying to use, the interloper can pose as the web service and intercept, decrypt and manipulate the data being sent, without leaving a trace.

The Heartbleed flaw, by way of comparison, allowed anyone on the internet to tap into the targeted server’s memory in order to scoop up traffic…

View original post 227 more words


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: