Hackers have released a program they say will allow a single computer to take down a web server using a secure connection.
Read this
TalkTalk launches network-level security protection
Residential customers will automatically be protected from online threats if they opt in to TalkTalk's HomeSafe security service
The THC-SSL-DOS tool, released on Monday, purportedly exploits a flaw in Secure Sockets Layer (SSL) renegotiation protocol by overwhelming the system with multiple requests for secure connections. SSL renegotiation allows websites to create a new security key over an already established SSL connection.
A German group known as Hackers Choice said it released the exploit to bring attention to flaws in SSL, which allows sensitive data to flow between websites and individual user's computers without being intercepted. "We are hoping that the fishy security in SSL does not go unnoticed," an unidentified member of the group said in a blog post.
For more on this ZDNet UK-selected story, see New attack tool targets Web servers using secure connections on CNET News.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.
