ANOTHER week another crack in the internet’s encryption infrastructure!
It seems another there has been another ‘hijack’ of a secure session 
between a web browser and a web server.
Background: ”When a browser and a server launch a secure connection, they first have to decide which protocol versions they know, and settle on the most recent one known to both. Opera works with TLS 1.2, as does Internet Explorer 8 using Windows 7. Apparently, though, Apple’s Safari, Mozilla’s Firefox, and Google’s Chrome do not, nor do many popular mobile browsers. This means that anyone using them might be vulnerable to a TLS 1.0 attack.”
I guess the simple way to defeat this type of attack it would be a worldwide update to TLS 1.1 or 1.2. Websites would not even need to obtain new digital certificates. With such a relatively trivial change for a known set of problems with the answer already in place, the question is why didn’t they do so years ago?
It seems that hackers may have had a four-day head start when they broke into Canadian government systems back in January of this year in an attack which still is leaving employees with a distrupted Internet connection after the attack revealed serious flaws in the security of federal computer systems.
The departments, whose networks are linked, began to remove infected computers and institute a series of rolling Internet outages to get to the root of the attack – all very time consuming, all very costly.
With quotes like this from the Mirror online earlier this month
“half of brits have been cyber crime victims with 19 hits
every minute”
And…
“IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks” - from the BBC - Is the net secure?
Is the next “9/11″ going to happen online or are we going to take internet security a little more seriously and all do our bit to prevent “the big-one” happening? When are we going to start taking passwords more seriously for instance? – “abc123″ won’t do, and certainly not for every single online account you own!
Alchemy Systems takes internet security very seriously – I’m talking beyond not posting images of your young children on Facebook or randomly handing round your mobile number to all and sundry. Alchemy Systems is thinking about how your business would be affected if your servers were hacked and all your business data was violated!
In a nutshell Alchemy Systems supply, install and support complete business solutions to maximise the efficient running of your company. Our suppliers, affiliates and experience will enable you to make informed decisions while our support services provides tailored back up to ensure the cogs keep turning.
When was your whole system last checked over? Has your whole IT system ever had an MOT? Let Alchemy give you a free system check, and remember – tomorrow might be too late!
Ring us today on Tel: +44 (0)1404 42882 or better still… e: sales@alchemysys.co.uk Tw:@alchemysystems it could be the best call you make this month!
Alchemy Systems - our business is looking after your business!
http://www.alchemysys.co.uk
www.twitter.com/alchemysystems
