Guest Article by Monica Pathak, Lawyer at Goldstein DeBiase Manzocco, Serious Injury Lawyers
We live in a remarkable time in human history. Using nothing more
than a mobile device or a computer, we can access an encyclopedic wealth
of information and connect with others on social media with our
fingertips.Despite this opportunity for enlightenment in the Internet
age, there is a dark side to the web that is filled with revenge porn
and stories of cyber-bullying. This new form of victimization is an
oft-told tale that continues to grab headlines.
Celebs & Civilians are Victims of Cyber-bullying & Revenge Porn
In the last month, Apple Inc.’s iCloud service was hacked and a
collection of approximately 200 private and intimate photos of Hollywood
and sports celebrities, most notably Jennifer Lawrence, were leaked
online for the public’s salacious consumption.This week, an article in
the September 23rd, 2014 edition of the National Post
reported that hackers have threatened to release private(i.e. nude)
photos of actress Emma Watson in retaliation for her gender equality
speech at the United Nations (this threat was later determined to be a
hoax). The debate about images of public figures and their
victimizationaside, there are also sad and sordid stories about young
women like seventeen year old Rehtaeh Parsons of Nova Scotia whose rape
was recorded and uploaded to the Internet and fifteen year old British
Columbian Amanda Todd who was cyber-bullied. Both of these women were
tormented online and driven to suicide.
more info:
http://windsorite.ca/2014/09/the-dark-side-of-the-web-revenge-porn-cyber-bullying/
Monday, September 29, 2014
Monday, September 15, 2014
Saturday, September 13, 2014
Supported SSL Certs and OS
| SSL to OS/ application Handshake Simulation | |||
| Android 2.3.7 No SNI 2 | TLS 1.0 |
TLS_RSA_WITH_RC4_128_MD5 (0x4)
No FS
RC4
|
128 |
| Android 4.0.4 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Android 4.1.1 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Android 4.2.2 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Android 4.3 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Android 4.4.2 | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
FS
|
256 |
| BingBot Dec 2013 No SNI 2 | TLS 1.0 |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
No FS
|
128 |
| BingPreview Jun 2014 | TLS 1.0 |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
FS
|
256 |
| Chrome 36 / Win 7 R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
FS
|
128 |
| Firefox 24.2.0 ESR / Win 7 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Firefox 31 / OS X R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
FS
|
128 |
| Googlebot Jun 2014 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)
FS
RC4
|
128 |
| IE 6 / XP No FS 1 No SNI 2 | SSL 3 |
TLS_RSA_WITH_RC4_128_MD5 (0x4)
No FS
RC4
|
128 |
| IE 7 / Vista | TLS 1.0 |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
No FS
|
128 |
| IE 8 / XP No FS 1 No SNI 2 | TLS 1.0 |
TLS_RSA_WITH_RC4_128_MD5 (0x4)
No FS
RC4
|
128 |
| IE 8-10 / Win 7 R | TLS 1.0 |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
No FS
|
128 |
| IE 11 / Win 7 R | TLS 1.2 |
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
No FS
|
128 |
| IE 11 / Win 8.1 R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
FS
|
256 |
| IE Mobile 10 / Win Phone 8.0 | TLS 1.0 |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
No FS
|
128 |
| IE Mobile 11 / Win Phone 8.1 | TLS 1.2 |
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
No FS
|
128 |
| Java 6u45 No SNI 2 | TLS 1.0 |
TLS_RSA_WITH_RC4_128_MD5 (0x4)
No FS
RC4
|
128 |
| Java 7u25 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
FS
|
128 |
| Java 8b132 | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
FS
|
128 |
| OpenSSL 0.9.8y | TLS 1.0 |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
FS
|
256 |
| OpenSSL 1.0.1h | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
FS
|
256 |
| Safari 5.1.9 / OS X 10.6.8 | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
FS
|
128 |
| Safari 6 / iOS 6.0.1 R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
FS
|
256 |
| Safari 7 / iOS 7.1 R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
FS
|
256 |
| Safari 8 / iOS 8.0 Beta R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
FS
|
256 |
| Safari 6.0.4 / OS X 10.8.4 R | TLS 1.0 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
FS
|
256 |
| Safari 7 / OS X 10.9 R | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
FS
|
256 |
| Yahoo Slurp Jun 2014 No SNI 2 | TLS 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
FS
|
256 |
| YandexBot May 2014 | TLS 1.0 |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
FS
|
256 |
| (1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. | |||
| (2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. | |||
| (R) Denotes a reference browser or client, with which we expect better effective security. | |||
| (All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE). | |||
We get A for our enhanced SSL certificate impelemntatins.
We get A for a very well executed SSL ”secure socket
layer” certificate implementations.
I had discussion the other day with a client about the best
security for his site.
And I had to explain to him the 4 level of SSL certs you can
apply.
The first is only a self-signed and should only be used in a
Local LANs or when you have installed your own customer root CA.
The other 3 are what you can buy on the net:
The thing is for almost all of them they are the same Math
and Crypto, the only thing is with the deluxe and Premium you are also authenticating
the Company and Business.
So if you are selling things online, then I would go with Deluxe
or EV, if you are giving secure applications to clients. Then Standard is
great.
We at Canada Cyber insure that math and cryptography is correct not just the green bar. we insure we are using the highest level of encryption.
For example AES have been rated for Top Secret by the NSA https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Thats why we use Just that:
Again it is very important to understand SSL.
Subscribe to:
Posts (Atom)