Free Post tls Big HTTPS changes coming in Chrome Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have...
Free Post chrome URLs are hard, let's kill them We've seen a couple of changes in the Chrome UI recently and one of them attracted some pretty fierce criticism online rather quickly. With the removal of some of the...
Free Post HTTPS Hacking Chrome to Look More Awesome! I've been playing around with a few of the 'hidden' flags in the Chrome browser and I've come up with a selection of settings that I think really improve the...
Free Post chrome Chrome to the future We recently saw the release of Chrome 68 which brought with it a default 'Not Secure' warning on all HTTP pages. This change appears to have come as a surprise...
Free Post HTTP One small step for a browser, one giant leap for web security! With the release of Chrome 68 we're seeing a fundamental shift in our expectations of security on the Web, we will now see the 'Not Secure' warning present on all...
Free Post chrome Adding Expect-CT and Expect-Staple entries to the HSTS Preload List Two of the new reporting features in https://report-uri.com currently require additions to the HSTS Preload List in Chromium. Here's a quick guide on how to request your site...
Free Post PKI Are you ready for the Symantec distrust? It's been common knowledge in the wider PKI community that Symantec, the Certificate Authority, is currently being distrusted and will soon cease to exist as a CA. My worry is...
Free Post HSTS Bypassing HSTS or HPKP in Chrome is a badidea I saw some research published at BlackHat EU recently that detailed various ways to bypass both HSTS and HPKP in a variety of mainstream browsers. It was a novel technique...
Free Post chrome Chrome Address Spoofing PoC An address spoofing vulnerability has been disclosed in Google Chrome that not only allows a site to change the address you see in the address bar, but the certificate if...
Free Post chrome Why you shouldn't use your browser to store online passwords A recently publicised "flaw" in Chrome and Firefox could allow someone with access to your computer to view all of your online passwords in a matter of seconds. Let's look at exactly what the problem is and what can be done about it. The...