6 Things That Stink About SSL

Users might not care to trust the very mechanism that's supposed to provide online trust.
Remember SSLStrip? Remember THC-SSL-DOS? Remember when DigiNotar was breached by attackers who issued more than 500 counterfe
SHA-1, once thought to be uncrackable, was cracked seven years ago, but according to Netcraft's recent SSL survey, more than
Browsers stop a user in their tracks to declare "There is a problem with this site's certificate" or "This connection is untr
One cannot lay all the blame for SSL failures on SSL itself -- it may be flawed applications and implementations that are tru
SSL is becoming more popular among attackers as a way to hide their tracks. For example, a report released by Palo Alto Netwo
SSL will create a secure connection between a user and a website, to ensure that the user is indeed communicating with the si

When Heartbleed came along, some people in the security community were alarmed. Many others, however, weren't terribly concerned, because, after all, SSL was never perfect and we shouldn't be surprised anyway.

Perfect or not, we still use it... a lot.

SSL (Secure Sockets Layer) is one of the most important components of Internet security, and the most significant online trust mechanism, essential to online shopping, banking, and socializing.

Yet, the very mechanism we rely on to provide trust is, itself, untrustworthy. Here are a few reasons why... 


Next slide
Recommended Reading: