The dust from ekoparty, an Argentinian security conference, has settled, and we now have details on CRIME, an attack on the encryption widely used in web browsers. When we previously talked about CRIME, the details of the attack were speculation. They now appear to have been correct. To recap, if the attacker can hijack your […]
When we came across this misbehaviour a little while ago we didn’t think too much of it. We unearthed the cause and worked around it, but ultimately dismissed it as an odd one-off. Since then it’s cropped up a few more times, and it doesn’t look like it’s going away, so we thought we’d tell […]
I thought I’d take the opportunity to focus on something different for this post: we’re going to look at a recently announced attack against SSL/TLS called “CRIME”. To bring you up to speed, SSL (Secure Sockets Layer) is the original protocol that secures your connection whenever you use a URL beginning with “https://” in your […]
Today I’ve been looking over the legacy architecture for a new customer we have coming on board. I think it’s fair to say that they’re of a substantial size. One of the things that stands out to me is that they have five load-balancers (huh?) on the public-facing end, and then seven nginx frontends terminating […]