Info Security recently published an article about the Payment Card Industry's final push to force the adoption of TLS 1.1 or higher. This article provides a good summary of the evolution of SSL/TLS, the pitfalls of earlier versions, and advantages of the most recent standards …

All of the IWL staff has worked long and hard on perfecting a TLS Test Suite. Our clients — DevSecOps engineers — need to find bugs and security vulnerabilities in apps and devices before deployment. Once they’ve identified these problems, the problems are corrected and retested prior to deployment …

A New York City based start-up company, Confide, offers a text messaging system “with encrypted messages that self-destruct.” You can download the app at getconfide.com. Confide lets its users “discuss sensitive topics, brainstorm ideas or give unfiltered opinions without fear of the Internet’s permanent, digital record and with no copies left behind.” …

The revelation of the POODLE vulnerability demonstrated that SSL 3.0 should be disabled and removed from any products that still contain it. Companies taking this step include Twitter, Apple, EBay, Mozilla Firefox, Google, and PayPal.

When will others make the change to TLS 1.2? …

IWL used our Maxwell Pro TLS Test Suite to test one version of the GnuTLS library. It failed 39 out of 116 of our tests! …

The general public is now aware of something that we network plumbers have known for years: in many respects, the Internet is robust, but security is fragile. The Heartbleed SSL problem is estimated to cost millions of dollars. No one knows for sure when the next serious bug will show up and its ultimate price …