Let’s Encrypt temporarily solves problems on older Android phones
Let's Encrypt has found a solution to the problem that older Android smartphones will soon no longer trust some websites due to an expired certificate. No action from end users is required.
To solve the problematic TLS certificates, Let's Encrypt and IdenTrust agreed that the latter company woul... Read more
Firefox 83 comes with an ‘HTTPS-Only-Mode’ loading only HTTPS sites
Firefox 83 is scheduled to be released on Wednesday and will come with a new security feature designed to load all websites using HTTPS. The feature is called "HTTPS-Only-Mode." If the loading does not go through, an error message on the sites that only support the older and less secure HTTP protoc... Read more
Many websites will soon stop working on older Android phones
Android phones with Android 7.1.1 or older will soon be unable to reach many websites. This applies to websites with a TLS certificate from Let's Encrypt. A workaround is available.
For years, Let's Encrypt has been distributing free TLS certificates to websites that want to secure their connect... Read more
Majority of malware is invisible without https inspection
Two-thirds (67 percent) of the malware delivered in the first quarter of 2020 used encrypted https connections, according to a study by WatchGuard Technologies. Without https inspection, these threats can not be detected.
Of the encrypted malware, 72 percent involve zero-day malware that hasn't ... Read more
Mozilla adds second DNS over HTTPS service to Firefox
NextDNS becomes the second DNS-over-HTTPS (DoH) provider in Firefox, after Cloudflare. With DoH, Internet users can hide their DNS requests and bypass Internet blockages.
To become part of Firefox, NextDNS had to prove that it stores as little data as possible, is transparent about that data, an... Read more
Google, Apple and GoDaddy issued more than 1 million wrong certificates
A big mistake by Apple, GoDaddy and Google caused no less than 1 million wrong certificates to be given to websites. These certificates do not meet the industry's own requirements. The problem is caused by an incorrect configuration of the open-source EJBCA software.
Many of the companies that issue... Read more