a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by johnnyFive

    HTTPS protocols are their own layer on encryption, so accessing e-mail and bank accounts should still be relatively safe.

Emphasis on "relatively." The folks who found this vulnerability to WPA2 note in their explanation that plenty of vulnerabilities in the implementation have been found in HTTPS, too. So it's a case of a single point of failure rather than redundancy.





lm  ·  2355 days ago  ·  link  ·  

However, all of the vulnerabilities found in HTTPS have been fixed, and the TLS specs (the security layer of HTTPS) are regularly updated to remove insecure cryptographic algorithms and add new, improved algorithms.

Don't get me wrong; internet security is still a shitshow in many ways, but you should be confident in the encryption provided by HTTPS.

johnnyFive  ·  2355 days ago  ·  link  ·  

Sure, but it's important not to be complacent.