Logjam Can Hijack Your HTTPS Connections



/ 3 years ago

https

There are a lot of techniques involving malware, trojans or other sort of attacks, but this one seems to affect the common and widely used HTTPS protocol, making it more ‘nasty’ than the rest. Logjam is a cryptographic attack that targets the Diffie-Hellman key exchange in HTTPS, SSH, SMTPS and other sort of negotiation protocols used by the server and browser.

So why is it so important for us to know about? It’s simple. The technique uses a man-in-the-middle approach to break the 512-bit encryption and make it readable. An academic team said that it was even able to beat a 768-bit encryption, but word is that even a 1024-bit encryption can be taken down with enough effort. What this means is that hackers using the latter technique can easily spy on the top 1 million HTTPS domains and even 66% of VPN servers.

Security specialists say that users should upgrade their browsers to the latest version and server owners should disable support for external cypher suites that generate 2048-bit Diffie-Hellman group along with updating to the latest OpenSSH. They say that the technique at hand can even be used by government agencies to easily spy on your web traffic, so hackers aren’t your only concern.

So, are you keeping everything up to date?

Thank you macnn for providing us with this information
Image courtesy of PSDGraphics

Topics: , , , , , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!
eTeknix FacebookeTeknix TwittereTeknix Instagram

Check out our Latest Video

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!


Optimized with PageSpeed Ninja