by Karl Denninger
Websites have been warned they could be exposed to eavesdroppers, after researchers discovered a new way to disable their encryption protections.
The experts said about a third of all computer servers using the HTTPS protocol – often represented by a padlock in web browsers – were vulnerable to so-called Drown attacks.
They warn that passwords, credit card numbers, emails and sensitive documents could all be stolen as a consequence.
I had an associate ping me on this one yesterday and I replied with a couple of short, curt words: No SSLv2.
Some background is in order.