Archive

RC4 no longer considered secure

  |   Lukas Pokorny

The security of RC4 encryption algorithm has been questionable for many years. But despite well-founded concerns, this has remained a popular TLS/SSL cipher not only due to its speed, but also as a countermeasure against "BEAST" attack targeting block ...

DNS, Multicast DNS, Apple devices and .local domains

  |   Lukas Pokorny

Nearly ten years ago, we decided to use a first-level domain of .local for servers on our internal network that were not supposed to be accessed from the Internet. Back then, this was actually quite popular, and even Microsoft suggested the use of .local ...

POODLE Attack - what it is and how to prevent it

  |   Lukas Pokorny

Last month, Google Security Team disclosed POODLE Attack - a vulnerability in SSL 3.0 protocol that makes it possible for attackers to reveal encrypted data with relative ease. Fortunately, newer versions of the SSL 3.0 protocol (TLS 1.0 and higher) do ...