1. Zarathustra[H]

    Identifying HTTPS-Protected Netflix Videos in Real-Time

    Researchers at the United States Military Academy at West Point have discovered that despite Netflix recently implementing TLS (HTTPS) encryption on their video streams to protect the privacy of their viewers, they can identify what video people are watching with 99.99% accuracy, using a...
  2. Schtask

    Over 15,000 Fraudulent PayPal Certificates Issued to Phishing Sites

    Let's Encrypt was launched publicly in December of 2015 under the premise that websites would be encrypted and served to the end user over Transport Layer Security (TLS). The thought was that TLS would protect user data from pilfering. Many Cyber Security experts expressed fear that free...
  3. Zarathustra[H]

    One in Five Websites Still Use Outdated SHA-1 Encryption Algorithm

    SHA-1 has been known to be potentially insecure since 2005, but this wasn't proven in practice, at least not publicly, until Google recently announced they executed a successful collision attack, breaking it. The collision attack is notable as it takes about one 100,000th of the time to crack...