Top web browser are going to be blocking site with SHA-1

By -

The most popular web browsers are calling time on SHA-1, the hashing algorithm for securing data, and will soon begin blocking sites that use it.

In a blog post, Microsoft stated that the algorithm was no longer secure and allowed attackers to carry out spoofs, phishing attacks, or man-in-the-middle attacks. From February 14, Microsoft Edge and Internet Explorer 11 will no longer automatically load up a site that uses SHA-1; instead they will display a warning message to the user about this invalid certificate before they go any further.

“Microsoft, in collaboration with other members of the industry, is working to phase out SHA-1,” Microsoft said. Website owners have been urged to update their certificates ASAP.

The news comes just a couple of days after Google made a similar announcement, explaining that Chrome 56 will not support the outdated hashing algorithm. Chrome 56 is tipped for release in late January but Google had previously outlined these plans almost a year ago.

Similarly, Mozilla’s Firefox will startwinding down support for SHA-1 early next year as well, so expect all the major browsers to have left SHA-1 behind by spring 2017.

More: Google will stamp down on SHA-1 security certificates in 2016

“Digital signatures incorporating the SHA-1 algorithm may soon be forgeable by sufficiently-motivated and resourceful entities,” said Mozilla’s J.C. Jones last month when explaining the reason for making the move.

Hashing algorithms generally become outdated after some time when mathematical and computer processing grows in strength.

Once upon a time, the algorithm MD5 was the go-to hashing algorithm until it was replaced by SHA-1 as the standard. But as Google noted in its announcement last week, SHA-1 “first showed signs of weakness over eleven years ago,” so the industry shift away from the algorithm has been a long time coming.

“Enterprises are encouraged to make every effort to stop using SHA-1 certificates as soon as possible and to consult with their security team before enabling the policy,” said Andrew Whalley of Google Chrome’s security team.

A couple of recent hacks and data breaches have showed how some companies are still securing data with SHA-1 and in some cases even MD5,like the Last.fm breach.

Comments

Post a Comment

Popular posts from this blog

Premeir League Musings

By -
The premier league 2106/17 season is coming to an end and what is probably on people's mind is who can stop Chelsea from winning the league and also where will Arsenal end up this season after making it seem for years that a top four finish was their birth right. Tottenham look on course to finish in a better position than last season  3rd place and also it could be the morale booster to go for the kill next season Liverpool should have probably won the Europa league last season and qualify for the champions league but at least we know with their consistent  stay in the top four they do have ambitions Pep Guardiola has  finally felt the sting of the English football, I wonder where he  will be next season because if he stays it will probably be his last chance to prove he is a tactician Arsenal are looking out of place in 5th position, do they deserve to be there, I don't know but I do know that if they end up out of the top four and do not wake up then we will them go
CONTINUE »

Facebook still tapping from snapchat features

By -
Image
If imitation is the sincerest form of flattery, then Snapchat should be tickled pink at this point by Facebook’s multiple attempts to emulate its style. In its latest attempt to “innovate,” Facebook is once again “borrowing” from the much younger social media platform, this time testing out a new feature that lets users take selfies and record videos complete with filters, effects, and masks, which can be shared in your News Feed. And oh yeah, they disappear in 24 hours too (assuming no one responds). Facebook isn’t making any attempts to hide this new Snapchat-esque addition either, placing it front and center in its main app for users in Ireland. Should it prove popular amongst the Irish populace, Zuckerberg may decide to go wide with the feature, introducing it to the social network’s 1.4 billion monthly users. While the feature has yet to adopt a formal name, it might as well be called Snapchat 2.0 — to access it, users (in Ireland) need only to tap on the camera icon in the top
CONTINUE »

The key to figuring out your secret weakness

By -
Image
We love this stuff, don’t we? Social Media is full of personality tests these days. We all want to understand ourselves better. It stands to a reason that the better we understand ourselves, the better we can align our lives with what makes us happier and live a more fruitful existence.As a trained life coach, I see a lot of people keento work out the good stuff to focus on; their strengths for example. But we are not so keen to look at our weaknesses. And no judgment here, I know it is not the easiest of tasks.But if you were feeling brave, and were wondering how to even begin identifying your weaknesses, then I have you covered. It is all about looking at your behavioral patterns. It is in your behavioral patterns You could have the best poker face in the world, or live in a big cloud of glorious denial. But nothing, and I mean nothing, gives away our weaknesses like our unconscious behaviors.Just to clear this up before we go any further; an unconscious behavior does not mean that
CONTINUE »