Google+ Gets a “+1″ for Browser Security | The Barracuda Labs Internet Security Blog.
Barracuda compares Google+ vs Facebook with respect to SSL and Secure Headers. Google+ wins.
Google+ Gets a “+1″ for Browser Security | The Barracuda Labs Internet Security Blog
on July 25, 2011 • Leave a Comment
Clear-text is Fine…It’s Internal.
on November 29, 2010 • Leave a Comment
Clear-text is Fine…It’s Internal..
In light of the recent discussions about public websites using SSL or not, our Managed Security Services Provider partner Solutionary discusses the reasons for NOT using clear text protocols even within the enterprise:
- Corporate Insider / Disgruntled Employee
- DMZ Host Compromised Externally
- Internal Host Compromised Externally
Some examples of clear-text protocols and their encrypted alternatives are:
o FTP -> SFTP
o HTTP -> HTTPS
o telnet -> SSH
o SNMPv1 & 2 -> SNMPv3
Zscaler Research: Why the web has not switched to SSL-only yet?
on November 29, 2010 • Leave a Comment
Zscaler Research: Why the web has not switched to SSL-only yet?.
Great post following up on the Firesheep threat, detailing the reasons why more websites are not using SSL:
- Server overhead
- Increased latency
- Challenge for CDNs
- Wildcard certificates are not enough
- Mixed HTTP/HTTPS: the chicken & the egg problem
Zscaler did a follow up blog post, SSL: the sites which don’t want to protect their users, highlighting popular sites which do not use SSL.
Full disclosure – Zscaler is a Cymbel partner.