Google Prepares Fix To Stop SSL/TLS Attacks

Google Prepares Fix To Stop SSL/TLS Attacks 122

Posted by samzenpus on Thursday September 22, 2011 @05:40AM from the raise-shields dept.

OverTheGeicoE writes "It was reported Tuesday that researchers had found a way to break the most commonly used SSL/TLS encryption in browsers. According to the Register, Google is pushing out a patch to fix the problem. The patch doesn't involve adding support for TLS 1.1 or 1.2. FTFA: 'The change introduced into Chrome would counteract these attacks by splitting a message into fragments to reduce the attacker's control over the plaintext about to be encrypted. By adding unexpected randomness to the process, the new behavior in Chrome is intended to throw BEAST off the scent of the decryption process by feeding it confusing information.' The fix is supposedly in the latest developer version of Chrome."

Google Prepares Fix To Stop SSL/TLS Attacks

Search 122 Comments Log In/Create an Account

Comments Filter:

Re:TLS 1.1 or 1.2? (Score:4, Insightful)

by wisesifu ( 1358043 ) writes: on Thursday September 22, 2011 @05:54AM (#37477592)

Its not the only the browsers that need to support the newer versions of these protocols, but also the servers.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Google Prepares Fix To Stop SSL/TLS Attacks 122

Google Prepares Fix To Stop SSL/TLS Attacks More Login

Google Prepares Fix To Stop SSL/TLS Attacks

Re:TLS 1.1 or 1.2? (Score:4, Insightful)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot