New vulnerability discovered in common online security

  • 2 March 2016
  • 1 reply
  • 98 views

Userlevel 7
Badge +54
March 2, 2016 by David Ellis
 
                                                http://img.techxplore.com/newman/csz/news/800/2014/sixmorebugsf.jpg
                                                                                                         New bugs in the code for OpenSSL. Credit: Flickr/Guilherme Tavares, CC BY-NC  

 
One of the world's most common security software packages – used as the basis of protection for many web browsers – has been found to be vulnerable to a specific form of attack, according to research led by the University of Adelaide.
 OpenSSL provides encryption protection for a range of applications on most types of computers and is similar to the encryption packages used by the web browsers Google Chrome (BoringSSL) and Firefox (Mozilla's Network Security Service (NSS)).
Dr Yuval Yarom, Research Associate at the University of Adelaide's School of Computer Science, says he and colleagues Daniel Genkin (Tel Aviv University) and Dr Nadia Heninger (University of Pennsylvania) have discovered that OpenSSL is vulnerable to a type of attack known as a "side channel attack".
 
Full Article

1 reply

Userlevel 7
The important aspect of this article is this vulnerabilities has been found, now these browsers need to be patched asap. Good heads up by Dr Yuval Yarom

Reply