Companies that do not do enough to keep their websites secure are to be named and shamed to help improve security. The list of good and bad sites will be published regularly by the non-profit Trustworthy Internet Movement (TIM). A survey carried out to launch the group found that more than 52% of sites tested were using versions of security protocols known to be compromised. The group will test websites to see how well they have implemented basic security software. Security fundamentals The group has been set up by security experts and entrepreneurs frustrated by the slow pace of improvements in online safety. "We want to stimulate some initiatives and get something done," said TIM's founder Philippe Courtot, serial entrepreneur and chief executive of security firm Qualys. He has bankrolled the group with his own money. TIM has initially focused on a widely used technology known as the Secure Sockets Layer (SSL). Experts recruited to help with the initiative include SSL's inventor Dr Taher Elgamal; "white hat" hacker Moxie Marlinspike who has written extensively about attacking the protocol; and Michael Barrett, chief security officer at Paypal. Continue reading the main story “ Start Quote Everyone is now going to be able to see who has a good grade and who has a bad grade” Philippe Courtot Many websites use SSL to encrypt communications between them and their users. It is used to protect credit card numbers and other valuable data as it travels across the web. "SSL is one of the fundamental parts of the internet," said Mr Courtot. "It's what makes it trustworthy and right now it's not as secure as you think." Compromised certificates TIM plans a two-pronged attack on SSL. The first part would be to run automated tools against websites to test how well they had implemented SSL, said Mr Courtot. "We'll be making it public," he added. "Everyone is now going to be able to see who has a good grade and who has a bad grade." Early tests suggest that about 52% of sites checked ran a version of SSL known to be compromised. Companies who have done a bad job will be encouraged to improve and upgrade their implementations so it gets safer to use those sites. The second part of the initiative concerns the running of the bodies, known as certificate authorities, which guarantee that a website is what it claims to be. TIM said it would work with governments, industry bodies and companies to check that CAs are well run and had not been compromised. "It's a much more complex problem," said Mr Courtot. In 2011, two certificate authorities, DigiNotar and GlobalSign were found to have been compromised. In some cases this meant attackers eavesdropped on what should have been a secure communications channel. Steve Durbin, global vice president of the Information Security Forum which represents security specialists working in large corporations, said many of its members took responsibility for making sure sites were secure. "You cannot just say 'buyer beware'," he said. "That's not good enough anymore. They have a real a duty of care." He said corporations were also increasingly conscious of their reputation for providing safe and secure services to customers. Data breaches, hack attacks and poor security were all likely to hit share prices and could mean they lose customers, he noted.
Wednesday 25 April 2012
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Northern Rock has been sold to Virgin Money, for £747m, marking the first return to the private sector of a UK government-backed bank sinc...
-
Florida Department of Corrections Griselda Blanco in 2004. The convicted Colombian drug smuggler known as the “Godmother of Cocaine,” Grisel...
-
M&S workers pose nude for charity calendar sold under the counter A calendar with pictures of scantily clad Marks & Spencer staff ha...
-
Hector Morales, 38, is president of the motorcycle gang "No Remorse," according to a police report. ( Orange County Jail / Dece...
-
British police are still trying to trace £18m allegedly stolen by the Liberal Democrats' fugitive donor Michael Brown, who is expected t...
-
Two small faces pull the curtain back in a side room and peer round to see who is at the door. After they run back inside, their mother, M...
-
"Never doubt that a small group of thoughtful, committed people can change the world. Indeed, it is the only thing that ever has."...
-
109 million euro plan to expand Marbella’s fishing port has finally been given the green light. The long planned transformation of La Baja...
-
Surfers Paradise nightclub had been a target for alleged bikie money laundering amid growing business links between powerful Gold Coast b...
Pageviews from the past week
Text Widget
Recent Posts
Download
Subscribe via email
Headlines
Páginas
Blog Archive
-
▼
2012
(345)
-
▼
April
(50)
- Lock your doors alert as Whitby double murder susp...
- Gas canister man storms office
- Credit card fraud websites shut down on three cont...
- Reopen Madeleine case, police urge
- Insecure websites to be named and shamed after checks
- Anti-depressants likely do more harm than good, st...
- Madeleine McCann, the British girl who went missin...
- Dengue Fever Asian Mosquito Could Invade UK
- Opiates Killed 8 Americans In Afghanistan, Army Re...
- exploding the common myths about which foods are g...
- police hunt for Michael Brown's missing millions
- Donaldson enjoyed a lavish lifestyle in Marbella a...
- Wayne Rooney launches phone-hacking claim
- Mike Tyson has for the first time revealed his low...
- EU condemns Repsol state seizure
- Hacking scandal: the net tightens on the Murdochs
- France and Germany want to suspend the Shengen Agr...
- British police arrested three people, including th...
- Phone data shows romance 'driven by women'
- Secret Service scandal sheds light on sex tourism ...
- Sex Robots Will Revolutionize Sex Tourism,
- Diddy tops hip-hop rich list
- 10 things not to say to someone when they're ill
- Energy-rich Qatar seeks la dolce vita with purchas...
- British terror supergrass sentence cut by two years
- Western embassies targeted in Afghanistan attacks
- Taliban free hundreds from Pakistan prison
- Surf Air: Can an all-you-can-fly airline possibly ...
- Worrying is good for you and reflects higher IQ
- Eating nuts can help stave off obesity, says study
- London buses have been booked to carry a Christian...
- Your Vagina Isn't Just Too Big, Too Floppy, and To...
- thank each and every one of you, every beautiful p...
- Laser attacks on planes are surging, warn aviation...
- Crisis-hit Greece rents police for €30 per hour
- Vinnie Jones heads to Marbella
- Man in court on murder bid charge
- Emails sent to the Big Pictures agency in 2010 and...
- Addictive painkiller sales surge in new parts of U.S.
- Freedom near after years in hell but Schapelle Cor...
- Whitney Houston 'Powdery' substance in hotel bathroom
- Pensioner shoots himself at Greek Parliament, refu...
- Trolling Could Get You 25 Years in Jail in Arizona
- New info about statin safety affects millions
- Why don't GPS warn you that statins can harm your ...
- James Murdoch to resign as BSkyB chairman
- Canadian man detained in Spain 'extremely thin and...
- $10 mln bounty on LeT founder Hafiz Saeed
- Salou, the northern Spanish town where thousands o...
- Amy Winehouse 'spent £1 million on drugs in three ...
-
▼
April
(50)
0 comments:
Post a Comment