|01 May 2014||#1|
Google’s Chrome browser “blindly” trusting Heartbleed affected sites
How safe are you from Heartbleed? After the widespread security bug was discovered, many sites claimed to have safeguarded against it by resetting their OpenSSL cryptography. A new study takes a look at one of the more popular browsers in Chrome, noting it is nearly useless in spotting revoked certificates.
The problem within Chrome is CRLSet, which catalogs revoked security certificates. If a website has been compromised and had their security certificate taken away, CRLSet should know about it and give you a warning before proceeding. Gibson Research Corporation claims Google’s CRLSet — used in lieu of the online certificate status protocol — misses about 98% of revoked certificates.
|My System Specs|
|Similar help and support threads for2: Google’s Chrome browser “blindly” trusting Heartbleed affected sites|
|Browser Google Chrome is slow.||Browsers & Mail|
|google chrome browser||Browsers & Mail|
|Google chrome not deleting most visited sites on new tab page||Browsers & Mail|
|Best web browser like Google chrome?||Browsers & Mail|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:50 PM.