SSL Compression - Search News

‘CRIME’ attack abuses SSL/TLS data compression feature to hijack HTTPS sessions

The ‘CRIME’ attack announced last week exploits the data compression scheme used by the TLS (Transport Layer Security) and SPDY protocols to decrypt user authentication cookies from HTTPS (HTTP Secure ...

Network World

Whale’s SSL VPN gear adds compression

Whale Communications is adding compression to its SSL VPN platform, making it more apparent that its Intelligent Application Gateways are not just remote access boxes. The gear now contains a ...

CSOonline

Researchers resurrect and improve CRIME attack against SSL

Two researchers from security firm Imperva have devised new techniques that could allow attackers to extract sensitive information from users’ encrypted Web traffic. The new methods build on those ...

Ars Technica

Many ways to break SSL with CRIME attacks, experts warn

Despite browser fixes, disabling SSL compression on servers may be best defense. Surely that means the advice should be to _make no changes at all_ since all change is risky and should be avoided ...

Computerwoche Online

‘CRIME’ attack abuses SSL/TLS data compression feature to hijack HTTPS sessions

Support for TLS compression among websites is pretty widespread. Forty-two percent of servers tracked by — a project that monitors SSL/TLS implementations on the world’s top 180,000 HTTPS-enabled ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results