In-brief: Google’s rebuke of Symantec over its sloppy and problem-plagued certificate authority business risks upsetting some of the Internet’s biggest brands.
In-brief: Researchers at Google and CWI Amsterdam say they produced the first “collision” of hashes produced with the SHA-1 algorithm, hastening the end of life for the 22-year-old encryption technology.
In-brief: In this Security Ledger podcast, we speak with the guys from Chain of Things, a new consortium that is investigating applications of Block Chain and related technologies to solving identity and security problems for IoT deployments.
In-brief: Google warned its users that unauthorized digital certificates have been issued for several of its domains. The certificates are linked to an intermediary certificate authority for CNNIC, which administers China’s domain name registry. Updated with comment from Kevin Bocek of Venafi. Paul 3/27/2015
In-brief: The Electronic Frontier Foundation warned that it has evidence of man-in-the-middle attacks that take advantage of the same encryption-busting technology that Lenovo and Superfish implanted on consumer laptops.