DNSSEC has taken shape, and has become essential in security process recommended by ANSSI as well as the web in general. And yet, it’s a barbaric term that is often scary as we don’t know how it works and what it’s used for. This article will focus on clarifying this term. The Domain Name System Security Extensions is a standardized protocol of communication allowing to resolve security problems related to DNS. We will begin by a reminder of what is the DNS. What is the DNS? S... Read More
Category: Cybersecurity
Towards a 100% encrypted web, the new challenges of HTTPS
Between Mars, 2016 and Mars, 2017, Let’s Encrypt has issued 15 270 SSL certificates containing “PayPal” term, 14 766 of these certificates were issued for domains leading to phishing websites. It’s the result of the recent analysis led by Vincent Lynch, SSL expert. Lynch was closely interested in this case, after an interesting article published by Eric Lawrence (Google Chrome Security Team) in January 2017, the image above is from this article named “Certified Malice “which expos... Read More
HTTPS and SSL: Google continues its offensive
Chrome 53 launched on 31 August 2016 and with it Google is continuing its offensive for a safer internet. With its Chrome navigator, Google signals even more clearly when as site does not use httpS on its landing page. And the version to come will continue in this vein barring purely and simply HTTP with a Red cross. This ‘ugly defacement’ will be difficult to accept on corporate websites, in particular well-known brands. Firefox has already announced a similar measure. Add to that the ... Read More