Premium Content

Access "Perspectives: SSL No Security Blanket"

Published: 22 Oct 2012

Encryption cannot patch the holes created by insecure software. Security practitioners love SSL, and with good reason. It is well designed with support for multiple encryption protocols, and is easily reconfigured in case any should get cracked or outdated. It is an incredibly useful tool, protecting transactions as they cross otherwise insecure channels such as the Internet. It's also great for certificate-based bilateral authentication, provided of course you actually have the cash and personnel resources to maintain it. If anything, SSL is too well implemented, and people think it covers all their needs, like a giant security blanket. They forget there is much more to security than just using SSL. Gene Spafford famously once said, "Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench." He's still right today. Although operating systems are more secure than they were 10 years ago, and we are much better at patching them, ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free