Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions

The blogosphere presently is having a problem with bad evidence

Created: 06 Mar 2008 • Updated: 18 Dec 2012
Tim Callan's picture
0 0 Votes
Login to vote

As someone who focuses most of his work hours on SSL and related technologies, I read a lot of what is written on that subject in the press and the blogosphere and social media sites. I've grown used to a certain amount of misinformation floating around out there and typically view it as a hazard of the online medium.

It happens right now that the dialog around SSL is having a particular problem with information being misinterpreted or taken out of context, or occasionally appearing out of thin air. I'm going to dedicate a few postings to explaining what these misinterpretations are and shining a light on the associated facts.

Let's start with this article that appeared last week from Netcraft. This article discusses the cross-site scripting attack (XSS) and its presence on sites featuring Extended Validation SSL. The trouble with this article in a nutshell is that it implies a connection between two security matters (XSS and EV SSL) that are unconnected.