Skip to main content

Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month

posted onMarch 5, 2020
by l33tdawg
ZDNet
Credit: ZDNet

More than 850,000 websites still use the old TLS 1.0 and 1.1 protocols, scheduled to be removed from most major browsers later this month.

This includes websites for major banks, governments, news organizations, telecoms, e-commerce stores, and internet communities, according to a report published today by UK technology firm Netcraft.

All the 850,000 websites use HTTPS, but on a version that weak. The websites support HTTPS connections via cryptographic certificates built on the TLS 1.0 and TLS 1.1 protocols. These are ancient protocols, released in 1996 and 2006, respectively. The protocols use weak cryptographic algorithms and are vulnerable to a series of cryptographic attacks that have been disclosed over the past two decades, such as BEAST, LUCKY 13, SWEET 32, CRIME, and POODLE. These attacks allow attackers to decrypt HTTPS and access a user's plaintext web traffic.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th