Slashdot Mirror

← Back to Stories (view on slashdot.org)

90% of All SSL VPNs Use Insecure Or Outdated Encryption

Posted by yaelk on Friday February 26, 2016 @09:09AM from the is-your-browser-secure dept.

An anonymous reader writes: 90% of all SSL-based VPNs use insecure or outdated encryption. According to research conducted by information security firm High-Tech Bridge, almost three-quarters of all SSL VPNs use the outdated SSLv3 and SSLv2. In addition, another three-quarters use untrusted certificates exposing users to MitM attacks. 74% use SHA-1 to sign certificates, while 5% of all SSL VPNs still use MD5. All of a sudden, VPNs don't look that secure anymore.

1 of 67 comments (clear)

Min score:

Reason:

Sort:

Re:Untrusted certs by Aighearach · 2016-02-26 09:36 · Score: 1, Offtopic

Never click the story. This is slashdot.
Instead, research the subject independently and come back here to discuss things more interesting than whatever vapid shit the story went on and on about.