Tags mozilla firefox
It's easy to fake Extended Validation certificates, research shows
EV certificates — the files that tell a browser to show the little green lock — are supposed to make crystal clear who owns a website. There's a way around it, though.
Study: Zero days rediscovered much faster
The report comes as White House cybersecurity czar Rob Joyce says he is reviewing the Vulnerability Equities Process — the policy structure that decides whether zero days found by U.S. agencies should be disclosed to the manufacturer.
SHA-1 crypto algorithm is dead by collision attack
The SHA-1 algorithm is dead — except, of course, that it's still in wide use all around the internet.