Firefox, Chrome, Edge, Internet Explorer and Safari are all dropping support for older versions of the onlin e security protocol TLS, used in practically any encrypted exchange online. While few people or machines are using the long-unsafe TLS 1.0 and 1.1, they’re still permitted in many connections — but no t for long #AceNewsDesk reports
AceNewsDesk – Oct.16: Transport Layer Security is a community-developed standard that got its 1.0 release nearly 20 years ago: It and its close relative, 1.1, have known flaws that make them unsafe to use for any secure communications. 1.2 addressed these major flaws in 2008 and is currently used by the vast majority of clients. 1.3, released earlier this year, both improves and streamlines the standard, but as yet has only a limited presence online as many servers and services haven’t been updated to support it #AceNewsDesk reports
The messy, musical process behind the web’s new security standard
Mozilla, Google, Microsoft and WebKit all made separate but similar announcements on their blogs, essentially that the old versions, 1.0 and 1.1, will be phased out by early 2020 — March specifically for some, which we can take as a general indicator for the others.
“Two decades is a long time for a security technology to stand unmodified,” wrote Microsoft’s Kyle Pflug. “While we aren’t aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1, vulnerable third-party implementations do exist. Moving to newer versions helps ensure a more secure Web for everyone.”
As a user you don’t need to do a thing. The browsers and apps you use will work just as they have before — chances are they’re all using 1.2 already. Mozilla shared a chart showing that only a smattering of connections it sees use the earlier versions:
These connections, low by proportion but still numerous, could be lots of things. Legacy machines embedded here are there; old apps for which the security stack hasn’t been updated in years; hacked devices. It’s almost certainly not you or even your parents.
The long lead time is given because of the possibility (nay, inevitability) that there are some critical systems (for example in aging municipal infrastructure) that will cease to work because of this change. People need time to do a real audit, although they probably should have done it years ago.
This move should make everyone a little safer online, though everything will continue to act exactly as it did before. That’s by design.
Source: TechCrunch.Com/ and https://t.me/TheHackerNewsRSS/1002 Published: October.15: 2018:
Editor says #AceNewsDesk reports & #Brittius says are provided by Sterling Publishing & Media News and all our posts, links can be found at here Live Feeds https://acenewsroom.wordpress.com/ Ace News Services Posts https://t.me/AceSocialNews_Bot and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com or you can follow our breaking news posts on AceBreakingNews.WordPress.Com or become a member on Telegram https://t.me/acebreakingnews all private chat messaging on here https://t.me/sharingandcaring