Ars Technica

Ciphers and the BEAST

What's your solution to hardening IIS against the BEAST? Prioritizing non-CBC ciphers (i.e. putting TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_RC4_128_MD5 at the top of the list) does 'mitigate' the ...
Ars Technica

Looking to bolster Windows ciphers, protocols, and hashes

I've used the Nartac Software IIS Crypto tool* to set the Windows SSL cipher suite order, secure protocols, ciphers, hashes, and key exchanges on newly set up Windows servers running modern ...
PC World

Google speeds up encrypted Web communications in Chrome on Android

Google has added support for a new TLS cipher suite in its Chrome browser for Android that the company claims will provide better security and performance for encrypted communications on mobile ...
Infosecurity-magazine.com

Google Swaps Out Crypto Ciphers in OpenSSL

Given recent attacks against older, commonly-used encryption modes RC4 and CBC, the Google team began implementing new algorithms – ChaCha 20 for symmetric encryption and Poly1305 for authentication – ...
Computerworld

Microsoft continues RC4 encryption phase-out plan with .NET security updates

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.