How often to you think those adapters will receive security fixes then?
Posts by thijs
5 publicly visible posts • joined 21 Oct 2015
Apple and some Linux distros are open to Bluetooth attack
FREE wildcard HTTPS certs from Let's Encrypt for every Reg reader*
SSL's DROWN not as bad as Heartbleed, still a security ship wreck
Thursday 3rd March 2016 11:52 GMT
Re: Is TLS vulnerable or not?
If your server supports SSLv2, also connections over TLSv1.2 are at risk. An evesdropper can collect encrypted streams sent over TLSv1.2. He can then use the DROWN attack with crafted packets to get a session key. That session key can be used to decrypt one of the encrypted TLSv1.2 streams.
Cobweb 'fesses up to failure to renew SSL certificate
Saturday 24th October 2015 18:30 GMT
Re: Bypass expired SSL
Expired certificates are not secure for two reasons:
- Certificates that reach their expiry date are routinely purged from certificate revocation lists, therefore you cannot know whether it was revoked;
- Users are trained to click away certificate warnings if people keep claiming that this ok to do.
Biting the hand that feeds IT
