'Thousands Of Popular Sites' At Risk Of Drown Hack Attacks

[HardOCP News]

According to this article, security researchers have developed a way to attack secure connections that can be used to intercept and decrypt information being transmitted to some of the world’s most popular sites. A fix has already been issued.


Websites have been warned they could be exposed to eavesdroppers, after researchers discovered a new way to disable their encryption protections. The experts said about a third of all computer servers using the HTTPS protocol - often represented by a padlock in web browsers - were vulnerable to so-called Drown attacks. They warn that passwords, credit card numbers, emails and sensitive documents could all be stolen as a consequence.

 

[naib]

This encryption, SSL v2, the first ever version of SSL that was released in 1995 and declared dead less than a year later BECAUSE IT IS INSECURE...

This is only news because "a new way" to crack a cracked encryption was found & equally indications about 22% of sites still have it ENABLED.
Pretty much all modern browsers disabled SSLv2 Transport Layer Security - Wikipedia, the free encyclopedia so why is this news?

 

[bomni]

I miss file cabinets. At least you had to physically show up to gain access to information.