Invalid SSL certificates
We all know them. But how bad are they? And what can we do to improve the situation?
Basically the users are a weak link in multiple directions. If we teach users that SSL certs that are bad are OK to accept and continue as if nothing is wrong, we are taking away all their defense against man in the middle attacks. Equally we allow our users to accept and continue interacting with websites that by providing an invalid certificate actually proofed there is something wrong with them.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.