little green footballs

Flaw Found in Key Method for Protecting Data on the Internet

Tue, Apr 8, 2014 at 5:32:06 pm

The tiny padlock icon that sits next to many web addresses, suggesting protection of users' most sensitive information -- like passwords, stored files, bank details, even Social Security numbers -- is broken.

A flaw has been discovered in one of the Internet's key encryption methods, potentially forcing a wide swath of websites to swap out the virtual keys that generate private connections between the sites and their customers.

On Tuesday afternoon, many organizations were heeding the warning. Companies like Lastpass, the password manager, and Tumblr, the social network owned by Yahoo, said they had issued fixes and warned users to immediately swap out their usernames and passwords.

More: Flaw Found in Key Method for Protecting Data on the Internet

Also see:
A Few Thoughts on Cryptographic Engineering: Attack of the Week: OpenSSL Heartbleed