Back in November, we found out that a good chunk of websites using Let's Encrypt certificates would stop working on older Android devices next year. The cause was an expiring partnership with IdenTrust, who cross-signed the company's keys for older platforms. Thankfully, a solution has been established, and sites using Let's Encrypt certificates don't have to worry about issues with older Android devices next year anymore. Read More
It took a long time, but most of the web now uses HTTPS to securely transmit information, partially thanks to a push by Google. However, this does mean that many websites could encounter issues (or fail to load entirely) if the proper certificates aren't installed on your device, which is exactly what will happen to older Android devices next year. Read More
Google has been planning to mark all HTTP sites as non-secure in Chrome for a while now, but the company is taking baby steps to ensure users (and owners of HTTP-only sites) don't freak out. Chrome already identifies HTTP sites with password or credit card fields as "Not Secure" in the address bar, and Chrome 62 will expand that to any HTTP site with any data entry fields. Read More
Chrome 58 was just released on the desktop a few days ago, and in speedier fashion than usual, Chrome 58 for Android is now available. This update focuses on improvements to Chrome Custom Tabs and Progressive Web Apps, includes dozens of minor improvements, and blocks HTTPS/SSL certificates from certain certificate providers. Read More
The Internet has been abuzz over the recently discovered Heartbleed bug. If you're not already familiar, Heartbleed is a vulnerability in the OpenSSL software library that allows an attacker to steal data directly from the memory space of an application and learn the private keys used to keep data securely encrypted as it travels over the Internet. The implications of this kind of leak are certainly severe, and it has everybody rushing to either install updates that fix the bug or implement workarounds to disable it.
As users, there's not a lot you can do to close this security hole on your device, but you might still want to know if you're vulnerable. Read More