Biometrics do not solve password problems

One year on from the Heartbleed episode, we see more and more reports of passwords being stolen. Every time it happens some commentator or vendors will come forward and say biometrics are the answer.

They are not…

Continue reading “Biometrics do not solve password problems”

Heartbleed – Can CRLs cope?

It has been shown that Heartbleed can be used to leak SSL private keys (if the attackers are lucky). So now many experts are recommending that you revoke and re-issue SSL certificates for your web server. Can the certificate revocation mechanism cope?
Continue reading “Heartbleed – Can CRLs cope?”