TLS is flawed. The decades-old protocol is vulnerable to man-in-the-middle attacks throwing into question the nature of encryption on the world wide web. An Austrian IT firm has prevented a security disaster threatening many popular Internet websites and applications by compiling research on a new vulnerability in the twenty year old cryptographic system.
Austrian researchers from Research Industrial Systems Engineering GmbH (RISE) unveiled last month vulnerabilities found in the TLS (Transport Layer Security) protocol at a USENIX WOOT conference. TLS, most commonly known as a wrapper around HTTP as HTTPS, evolved from SSL (Secure Sockets Layer).
The new vulnerability, [...]