Web Security – Experimental News Clipping Site

The Register: New SSL/TLS cert to live no longer than 47 days by 2029

Apr 14, 2025

—

by

Source URL: https://www.theregister.com/2025/04/14/ssl_tls_certificates/ Source: The Register Title: New SSL/TLS cert to live no longer than 47 days by 2029 Feedly Summary: IT admins, get ready to grumble CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to…

Slashdot: Chrome To Patch Decades-Old ‘Browser History Sniffing’ Flaw That Let Sites Peek At Your History

Apr 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/04/12/2054251/chrome-to-patch-decades-old-browser-history-sniffing-flaw-that-let-sites-peek-at-your-history?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Chrome To Patch Decades-Old ‘Browser History Sniffing’ Flaw That Let Sites Peek At Your History Feedly Summary: AI Summary and Description: Yes Summary: The article discusses a significant update in the Chrome browser that aims to mitigate a long-standing privacy attack known as “browser history sniffing.” This side-channel attack…

The Cloudflare Blog: A next-generation Certificate Transparency log built on Cloudflare Workers

Apr 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/azul-certificate-transparency-log/ Source: The Cloudflare Blog Title: A next-generation Certificate Transparency log built on Cloudflare Workers Feedly Summary: Learn about recent developments in Certificate Transparency (CT), and how we built a next-generation CT log on top of Cloudflare’s Developer Platform. AI Summary and Description: Yes **Summary:** The text provides a comprehensive overview of Certificate…

The Register: Chrome to patch decades-old flaw that let sites peek at your history

Apr 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/07/chrome_135_history_sniffing/ Source: The Register Title: Chrome to patch decades-old flaw that let sites peek at your history Feedly Summary: After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people’s web browsing histories will get shut down in the forthcoming Chrome 136,…

AWS Open Source Blog: AWS Cloud Credits for Open Source Projects: Affirming Our Commitment

Mar 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/opensource/aws-cloud-credits-for-open-source-projects-affirming-our-commitment/ Source: AWS Open Source Blog Title: AWS Cloud Credits for Open Source Projects: Affirming Our Commitment Feedly Summary: Today, Amazon Web Services is proud to reaffirm our commitment to providing vital infrastructure for free and open source software projects. One of the ways we are doing this is with an extended $3…

Slashdot: HTTPS Certificate Industry Adopts New Security Requirements

Mar 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/03/31/0529220/https-certificate-industry-adopts-new-security-requirements?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: HTTPS Certificate Industry Adopts New Security Requirements Feedly Summary: AI Summary and Description: Yes Summary: The text discusses recent advancements and requirements from the CA/Browser Forum concerning TLS certificate issuance, highlighting the necessity for improved security practices such as Multi-Perspective Issuance Corroboration (MPIC) and linting. These changes aim to…

Google Online Security Blog: New security requirements adopted by HTTPS certificate industry

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: http://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html Source: Google Online Security Blog Title: New security requirements adopted by HTTPS certificate industry Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the Chrome Root Program, detailing initiatives aimed at enhancing the security of TLS connections and the Web PKI ecosystem. Key developments include the adoption of Multi-Perspective Issuance…

Schneier on Security: AI Data Poisoning

Mar 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/03/ai-data-poisoning.html Source: Schneier on Security Title: AI Data Poisoning Feedly Summary: Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the…

Slashdot: Cloudflare Turns AI Against Itself With Endless Maze of Irrelevant Facts

Mar 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://tech.slashdot.org/story/25/03/22/014247/cloudflare-turns-ai-against-itself-with-endless-maze-of-irrelevant-facts?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Cloudflare Turns AI Against Itself With Endless Maze of Irrelevant Facts Feedly Summary: AI Summary and Description: Yes Summary: Cloudflare’s introduction of “AI Labyrinth” represents an innovative approach to combatting unauthorized AI data scraping. Instead of blocking bots, this feature diverts them with AI-generated content, reflecting a progressive shift…

The Cloudflare Blog: Trapping misbehaving bots in an AI Labyrinth

Mar 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/ai-labyrinth/ Source: The Cloudflare Blog Title: Trapping misbehaving bots in an AI Labyrinth Feedly Summary: How Cloudflare uses generative AI to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect “no crawl” directives. AI Summary and Description: Yes Summary: The text introduces Cloudflare’s “AI Labyrinth,” an…

Tag: Web Security