Hundreds Of Thousands Of Websites To Be Marked As Insecure In Latest Firefox Update – Response From Industry Expert

Firefox’s latest update and its implications for the hundreds of thousands of websites that still use the outdated TLS 1 & 1.1 standards.

With this update, Firefox will restrict access to any website using TLS 1 & 1.1, marking them as insecure. Websites still relying on these standards include those of major banks, retailers, news organizations and other high-profile businesses.

 

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Kevin Bocek
Kevin Bocek , VP Security Strategy & Threat Intelligence
InfoSec Expert
March 11, 2020 12:08 pm

TLS certificates are a vital type of machine identity, part of the system of online trust that our entire digital world is built on. They enable browsers and websites to know what can or can’t be trusted, and communicate with each other securely. Yet the TLS 1 and 1.1 machine identity protocols are decades old, and have been found to be vulnerable to a number of cryptographic attacks. Firefox’s decision to remove these outdated protocols is therefore a major boost for the security of its users. Yet for the hundreds of thousands of websites that still use these machine identities, Firefox 74 will force them into quickly replacing TLS 1 and 1.1 or face the prospect of greeting visitors to their websites with insecure warnings, which can damage their business as well as their credibility. Firefox’s move underlines just how important it is for businesses to be able to quickly find and replace outdated machine identities. With the other major browsers expected to follow suit, this level of cryptoagility is now more important than ever.

Last edited 2 years ago by Kevin Bocek
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x