On the internet there is a system in place to keep financial and other confidential and sensitive data from falling into the wrong hands: Secure Sockets Layer. This is a method of encrypting and decrypting the data transferred to, and from, the website or server you are communicating with. But according to a report released recently by the Trustworthy Internet Movement (TIM,) you may need to start using the best VPN services you can find to further secure the communications.
What Is This Movement About
One project that TIM undertook was the determination of the security of some 200,000 registered HTTPS websites. They developed a scanning program called SSL Pulse which scans websites for known vulnerabilities and hacking methods including page spoofing, man-in-the-middle, and brute force attacks. The scanner then returned the results to TIM who analyzed them and found that of the 200,000 registered secured websites only 10% were truly secure. This, assuming that the visitor isn't using any of the best VPN services. The scanner checked many SSL protocols, SSL 2.0, SSL 3.0, and TLS protocols, along with all the latest encryption ciphers, and key lengths.
How They Were Rated And The Scores
Websites were rated on a basis of 1 - 100, which was then converted into a grading system... an "A" being a score of 80 or more points. And while at least half received an A, only 10% showed up as totally secure from exploitation. In site of the high ratings though, at least 75%, or 148,000 websites, were found to be vulnerable to a popular exploit called "BEAST." Beast uses cookies and authentication tokens to invade the secured stream. This is a hack revealed in the 2011 security conference in Buenos Aires and will work on SSL/TLS block encryption ciphers such as AES and Triple-DES, but doesn't affect any of the best VPN services protocols like OpenVPN, or PPTP.
How To Tell If Your Communications Are Secured
First of all I want to emphasize: Do not stop using your HTTPS websites. For the most part, they are fairly secure. But you may consider enlisting the best VPN services provider you can afford and using it when you are conducting transactions that you want to keep confidential. A spokesman for the group said that "For your average Web site -- which will not have anything of substantial value -- the risk is probably very small." Then he went on to say that the larger institutions, like financial websites, have a much larger potential for being exploited. By using one of the best VPN services, and always allowing your browser to check the website security certificate, this larger risk can be averted.
An Explanation of CISPA for Small Businesses Protect Your Privacy With Reputation Management Top 5 Reasons to Check Website Security Why Ignoring IDS Could Lead to Substantial Damage for Businesses
0 comments:
Post a Comment