Ron was wrong, Whit is right — So now what?

Posted: March 13, 2012 in Uncategorized
Tags: , ,

It seems that every 18 months or so we are treated to another scary story about how SSL is broken and all your encrypted secrets are at risk. Of course, there’s always at least a kernel of truth to the report or wouldn’t get much traction and the latest case is no different.

For those of you that aren’t crypto geeks (which, I hope for the sake of humankind is most of you), Ron, in this blog post heading and in the research paper than uncovered the vulnerability, is Ron Rivest (the “R” in the “RSA” cryptographic algorithm that is widely used across the Internet) and Whit is Whitfield Diffie of Diffie-Hellman key exchange protocol fame. Both Ron and Whit are giants in the crypto arena due to their many contributions.

You can read more about the vulnerability, it’s likelihood of impact and some countermeasures you can take in the following article from Dark Reading:

http://www.darkreading.com/taxonomy/index/printarticle/id/232602467

The net of it is that this is a bona fide risk but it isn’t likely to affect most web sites. So, the sky is not falling but I would recommend taking an umbrella…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s