The Tor Project releases WebTunnel, a Tor bridge that mimics HTTPS traffic to help users bypass censorship targeting Tor by hiding connections in plain sight
The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting …
Google plans to change Chrome's URL bar lock icon, introduced to show HTTPS, to a “variant of the tune icon”, saying HTTPS is now present on malicious websites
Google announced today that the lock icon, long thought to be a sign of website security and trustworthiness …
Let's Encrypt warns phones running Android 7.1 or older won't connect to many secure websites starting in 2021 as they will no longer trust its root certificate
It took a long time, but most of the web now uses HTTPS to securely transmit information, partially thanks to a push by Google.
Apple's decision in Feb. to limit HTTPS certs' lifespan to 398 days in Safari has been mimicked by Chrome and Firefox to the dismay of Certificate Authorities
Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities.
Firefox begins rollout of encrypted DNS over HTTPS (DoH) by default for US-based users to thwart snooping ISPs
US-based Firefox users get encrypted DNS lookups today or within a few weeks. — Firefox will start switching browser users to Cloudflare's encrypted-DNS service today and roll …
Safari will reportedly no longer accept new HTTPS certificates that are valid for more than 398 days beginning on September 1, down from 825 days
Keep your crypto below 398 days after September 1 and you're all good — Safari will, later this year, no longer accept new HTTPS certificates …
Google says starting with Chrome 82 in April, it will gradually start blocking “mixed content downloads”, which are non-HTTPS downloads started on secure pages
Today we're announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files.
Microsoft pushes a fix for a critical flaw in a cryptographic component present in all versions of Windows; NSA says it alerted Microsoft to the bug
rather than weaponizing it Robert Hackett / Fortune : The NSA patches up its reputation with a gift to Microsoft Mark Wyciślik-Wilson / BetaNews : Microsoft turns the screws on Windows 7 users with fu...
The Kazakhstan government is making ISPs force users to install a government-issued certificate on all devices and in every browser to intercept HTTPS traffic
Catalin Cimpanu / ZDNet :
Cloudflare aims to make HTTPS certs safe from Border Gateway Protocol hijacking attacks with a new free service called “multipath domain control validation”
Dan Goodin / Ars Technica :