HTTPS
Nonprofit certificate authority Let’s Encrypt hit a major milestone earlier this month: it issued its three billionth HTTPS certificate. The Let’s Encrypt project was founded in 2013 to provide websites…
Let’s Encrypt’s root certificate has expired, and it might break your devices
One of the largest providers of HTTPS certificates, Let’s Encrypt, saw its root certificate expire this week — meaning you might need to upgrade your devices to prevent them from…
Microsoft Teams goes down — just as everyone starts working from home
Microsoft Teams, the collaboration software that rivals Slack, is currently down. A lot of workers are staying at home because of the ongoing coronavirus pandemic. Countries are shutting borders, entire…
Mozilla blocks spy firm DarkMatter from Firefox citing ‘significant risk’ to users
Firefox maker Mozilla said it will not trust certificates from surveillance maker DarkMatter, ending a months-long effort to be whitelisted by the popular browser. Months earlier, the United Arab Emirates-based…
Better late than never, Tumblr has rolled out HTTPS across its entire site. In a brief post on Tumblr’s engineering page, the company said all Tumblr sites will now have…
Some US government websites won’t load after HTTPS certificates expire during shutdown
In a government shutdown, everything deemed non-essential stops. As we found out, renewing the certificates on its websites is considered non-essential. Several government sites are currently inaccessible or blocked by…
With Chrome 70, hundreds of popular websites are about to break
A lot of secure sites are set to grind to a halt with security error messages in the next version of Google Chrome, after the browser will drop trust for…
Three years later, Let’s Encrypt has issued over 380 million HTTPS certificates
Bon anniversaire, Let’s Encrypt! The free-to-use nonprofit was founded in 2014 in part by the Electronic Frontier Foundation and is backed by Akamai, Google, Facebook, Mozilla and more. Three years ago Friday,…
Last Friday, the Internet Engineering Task Force released the final version of TLS 1.3. This is a major update to TLS 1.2, the security protocol that secures much of the…
Chrome will soon mark all unencrypted pages as ‘not secure’
Google’s Chrome browser will soon flag every site that doesn’t use HTTPS encryption. Starting in July, with the launch of Chrome 68, Chrome will mark all HTTP sites as ‘not…
Google says 64% of Chrome traffic on Android now protected with HTTPS, 75% on Mac, 66% on Windows
Google’s push to make the web more secure by flagging sites using insecure HTTP connections appears to be working. The company announced today that 64 percent of Chrome traffic on…
All new executive branch .gov domains will ditch HTTP, enforce HTTPS
Government websites just took a serious step toward robust security. Today, the Federal Chief Information Officers (CIO) Council announced that all new executive branch domains moving forward will use HTTPS,…
Federal government improves encrypted web connections, but misses goal
For over a year, the U.S. Government has worked to establish secure connections to all federal websites, protecting visitors from malware and tracking. And although it didn’t meet the White…
A majority of Mozilla users were served encrypted pageloads for the first time yesterday, meaning their web browsing data was secured from snoopers and hackers while in transit.
2016 might be the year that HTTP finally dies. Chrome’s security team announced today that the browser will start marking websites that use insecure HTTP connections to transmit passwords and…
Earlier this year, Google launched a new section to its Transparency Report that highlighted the use of HTTPS to encrypt connections between its users’ devices and its servers. At the…
The Newstweek is a small device that plugs into a wall outlet and allows you to modify the contents of news sites for readers using public Wi-Fi networks without their…
Google enables HTTPS for all Blogspot sites
Google today made HTTPS connections the default for all of the sites on its Blogspot domain. Google first enabled HTTPS for Blogspot last September, but at the time, it was an opt-in…
An initiative to encourage more websites to encrypt connections by offering free digital certificates has today exited beta, six months on from its initial launch — the idea behind Let’s…
Gmail Will Soon Warn Users When Emails Arrive Over Unencrypted Connections
Soon, you may see a warning in Gmail that tells you that an email has arrived over an unencrypted connection. Gmail already defaults to using HTTPS for the connections between…
Over the last few years, Google brought support for encrypted HTTPS connections to almost all of its products, including search, Gmail and Google Drive. It’s now even using HTTPS support…
The Wikimedia Foundation Turns On HTTPS By Default Across All Sites, Including Wikipedia
The Wikimedia Foundation, which runs Wikipedia and a number of other wiki-based projects, announced this morning that it’s now implementing HTTPS by default across all its sites in order to encrypt…
Mozilla, EFF And Others Band Together To Provide Free SSL Certificates
Ideally, every time you visit a website, that connection should happen over a secure HTTPS connection so nobody can snoop on your surfing habits when you are using a public…
Notes From Crazytown, Day Three: Black Hat Breakdown
So far this week, at Black Hat, I have learned to deeply mistrust: passwords, chip-and-PIN cards, USB devices, HTTPS connections, more than two billion phones, governments worldwide, all human societies,…
Google Says Website Encryption – Or Lack Thereof – Will Now Influence Search Rankings
Google will begin using website encryption, or HTTPS, as a ranking signal – a move which should prompt website developers who have dragged their heels on increased security measures, or…
Twitter Enables "Always Use HTTPS" Setting
So did Ashton Kutcher complain after he got Twitter hacked at TED? As of today, Firesheep weary Twitter users can check the “Always Use HTTPS” setting at the bottom of…
Facebook Beefs Up Security With Social Captchas and All HTTPS, All The Time
Facebook is introducing two new measures to beef up security: expanding HTTPS connections as an all-the-time option and using social captchas to authenticate users who have lost passwords. Let’s take…