Posted: Sat 09 Nov 2013, 05:37 Post subject:
Two simple security tests Subject description: https pfs test for browsers and websites
One of the Snowden / NSA revelations was that many https enabled browsers and websites have the "forward secrecy" feature turned off by default or not built in at all. This means that someone who records the communication between a computer and the https website might be able to decrypt the communication plus all past communication later when he or she gets hold of the secret RSA key on the server of the website.
I am no expert but I guess it will not take too long before not only the NSA but also the more common malicious hackers and bank robbers have access to this trick, so this hole needs to be plugged
With forward secrecy the same secret key is discarded after the communication, with each session another oneis created
Here is a test if your browser supports forward secrecy:
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum