Last August, we wrote about the number of HTTPS requests and the share of TLS 1.3. During last week, we observed the following numbers on our website: The share of TLS 1.3 requests was 81.5%. This is a small increase by 4.5% compared with August 2020. The remaining 18.5% are… Read more »

We endorse “responsible disclosure” of security issues: If security professionals identify potential security issues, they should contact the affected party before reporting anything publicly. The affected party should investigate the potential problem and share essential information with the reporter. If a security vulnerability exists, both parties should agree on what… Read more »

Each month, we publish a review that covers essential activities of the last 30 days. This month, we discuss “Dependency confusion” attacks, malware for Apple’s M1, “Dynamic State Partitioning” in Firefox 86, and more. Read more »

FIRST provides the “Common Vulnerability Scoring System," which many people and organizations use to rate the severity of security vulnerabilities. However, some people misunderstand the scope of CVSS. In this article, we debunk three myths regarding CVSS. Read more »

For more than three years, we offered OpenPGP keys so you could encrypt your e-mails before sending them to us. However, the number of encrypted e-mails is meager. In 2019, about 1.5% of e-mails sent by readers were encrypted. Last year, the number went down to less than 1%. More… Read more »

Each month, we publish a review that covers essential activities of the last 30 days. This month, we discuss current TLS recommendations, new features in Firefox and Chromium, and the war of instant messengers. Read more »

Several days ago, the Dutch National Cyber Security Centre released its updated “IT Security Guidelines for Transport Layer Security (TLS).” The current version 2.1 covers many aspects of TLS and further considerations, like post-quantum security, certificate management, and random number generators. A notable change is the downgrade of TLS 1.2,… Read more »

In the final monthly review of 2020, we talk about recent news, our activities in 2020, and the state of our website. Read more »

Firefox 85 introduces “Network Partitioning,” which is part of the “client-side storage partitioning.” Modern web browsers heavily rely on caching content to offer a fast browsing experience. However, shady websites can misuse caching mechanisms to identify and track users. The “client-side storage partitioning” (aka “cache partitioning”) isolates the cache belonging… Read more »

When you can e-mail us This year, we received an overwhelming number of e-mails, including questions about our content, requests to update or write new content, and some general suggestions. However, we also got a considerable number of e-mails in the style of “I want to buy your domain name,”… Read more »