Segura Transfer Protocol HTTPS Hypertext or enables encryption of data sent from our computer to a server.
Basically, when using an HTTPS web page encoding session or SSL digital certificate, so that the user has some assurance that the information you are sending can not be intercepted and used by others.
To date HTTPS was considered the best way to create secure communication even in an insecure network, despite a recent attack has brought some doubts on this protocol.
In an HTTPS connection, a browser displays a web smoothly only if it includes a security certificate signed by an independent agency to ensure its authenticity. It seems that an agency issued certificates inappropriately (thanks to a stolen access credentials) that allowed an attacker to create fraudulent websites by design seemed true and from which it came to spying certain communications.
In particular was the Comodo Certification Authority that issued the SSL certificate for allegedly fraudulent Microsoft, Mozilla, Google, Skype and Yahoo (mail.google.com, Login.live.com, www.google.com, login.yahoo. com, login.skype.com and mozilla.org), leading to the realization of phishing attacks almost impossible to be detected.
However, Comodo after being aware of the problem and make him known, caused the fraudulent certificates were canceled and the main web browsers updated to ensure that the detection of such certificates.
Despite the complexity of the attack, it has been able to show that weak point remains the secure version of HTTP, and commonly used by banks and e-commerce platform has been extending its popular services like Twitter or Youtube. Web Development
0 comments:
Post a Comment