• SSL News from Black Hat and DEF CON 2013

    Every year we review some of the presentations at Black Hat and DEF CON that discuss SSL, TLS and HTTPS. Here is the list from 2013. The Factoring Dead: Preparing for the Cryptopocalypse Download: Slides by Alex Stamos, Tom Ritter, Thomas Ptacek and Javed Samuel This presentation looked into the recent leaps in solving discrete logarithm problem (DLP) by Joux

        in SSL, SSL Deployment
  • Smelling a RAT on Duqu

    I have been doing research on Duqu and talking to security researchers I know who have also been working on it themselves. The bottom line is that Duqu is little more than hype. It’s also malware, but it’s easily fought malware. Mostly, though, it’s hype and hype that the perpetrators of which should be ashamed. To be specific, Duqu is

        in Malware, Technical
  • Black Hat and DEF CON Follow-up

    Here is a follow-up to my earlier post SSL Security Silly Season.  Black Hat USA 2010 and DEF CON 18 conferences held at the end of July had three presentations that addressed SSL issues. Here is a quick summary and where you can get more information. Internet SSL Survey 2010 by Ivan Ristic In this study, Qualys SSL Labs searched

        in General, Technical