Published by The Lawfare Institute
in Cooperation With
The tiny padlock icon that sits next to many web addresses, suggesting protection of users’ most sensitive information — like passwords, stored files, bank details, even Social Security numbers — is broken. A flaw has been discovered in one of the Internet’s key encryption methods, potentially forcing a wide swath of websites to swap out the virtual keys that generate private connections between the sites and their customers.It's easy to overstate the significance of these types of flaws -- the vulnerability is real, but the extent to which it has been exploited is unknown and, as yet, there is no evidence of exploitation at all. Here's a good summary of "what it means for you" from Lifehacker. And here's another one, from LastPass (the password locker I use). Whatever the ultimate ground-truth, this is a pretty significant cautionary note. Me? I'm going to change some passwords.