Ars Technica

Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages

The HTTPS cryptographic scheme, which protects millions of websites, is susceptible to a new attack that allows hackers to pluck e-mail addresses and certain types of security credentials out of ...
Government Technology

More Government Websites Encrypt as Google Chrome Warns Users Non-HTTPS Sites Are 'Not Secure'

Google Chrome, the most widely used Internet browser, has officially started warning users that unencrypted Web pages are “not secure.” Among those “not secure,” as of Aug. 9: The front pages of the ...
The Hill

Sessions blasts tech firms for blocking access to encrypted evidence

Attorney General Jeff Sessions is taking aim at technology firms for preventing law enforcement from accessing encrypted evidence for ongoing terror investigations ...
The Hill

Congress, don’t give away the keys to our encrypted communications

In an op-ed on Feb. 22, Steven Wasserman, the national president of the National Association of Assistant US Attorneys (NAAUSA), called on Congress to force tech companies to give foreign adversaries ...
TechCrunch

Sennheiser’s flawed headphone software opened PCs and Macs to HTTPS site spoofing

Headphone maker Sennheiser has patched its software after the company admitted a serious vulnerability that made it easy for hackers to impersonate any website — even encrypted pages. The software, ...
Ars Technica

How do you stop HTTPS-defeating BREACH attacks? Let us count the ways

Last week, when Ars first reported a new hack attack that plucks e-mail addresses and certain types of security credentials out of encrypted pages, we warned the fixes wouldn't be easy. Sure enough, ...