Google+ Gets a “+1″ for Browser Security | The Barracuda Labs Internet Security Blog

Posted by on July 25, 2011Leave a Comment

Google+ Gets a “+1″ for Browser Security | The Barracuda Labs Internet Security Blog.

Barracuda compares Google+ vs Facebook with respect to SSL and Secure Headers. Google+ wins.

Filed Under: blog Tagged With: , , ,

Clear-text is Fine…It’s Internal.

Posted by on November 29, 2010Leave a Comment

Clear-text is Fine…It’s Internal..

In light of the recent discussions about public websites using SSL or not, our Managed Security Services Provider partner Solutionary discusses the reasons for NOT using clear text protocols even within the enterprise:

  • Corporate Insider / Disgruntled Employee
  • DMZ Host Compromised Externally
  • Internal Host Compromised Externally

Some examples of clear-text protocols and their encrypted alternatives are:
o    FTP -> SFTP
o    HTTP -> HTTPS
o    telnet -> SSH
o    SNMPv1 & 2 -> SNMPv3

Filed Under: blog Tagged With: , , , ,

Zscaler Research: Why the web has not switched to SSL-only yet?

Posted by on November 29, 2010Leave a Comment

Zscaler Research: Why the web has not switched to SSL-only yet?.

Great post following up on the Firesheep threat, detailing the reasons why more websites are not using SSL:

  • Server overhead
  • Increased latency
  • Challenge for CDNs
  • Wildcard certificates are not enough
  • Mixed HTTP/HTTPS: the chicken & the egg problem

Zscaler did a follow up blog post, SSL: the sites which don’t want to protect their users, highlighting popular sites which do not use SSL.

Full disclosure – Zscaler is a Cymbel partner.

Filed Under: blog Tagged With: , ,