Research published by the Trustworthy Internet Movement, a nonprofit organization dealing with security on the Internet, reveals that 90 percent of the top 200 000 websites with https protection is vulnerable to attack SSL (Secure Sockets Layer). The data derived from a new project called SSL Pulse using an automated scanning technology to analyze the security of https sites located on the first list of the company analyzes Alexa.
The project uses an algorithm and ranking websites for security they provide and the protocols they use. Most sites were able to score a good score but only ten percent were truly safe. The rest were found to be vulnerable to an attack known as BEAST (Browser Exploit Against SSL / TLS) is used to decrypt tokens and cookies from certification requests HTTPS.
The vulnerability corrected in version 1.1 of the Protocol TLS servers but many still continue to support older protocols such as SSL 3.0, for compatibility with previous generations. “For the average website, which has significant potential value, the risk is very small. But for pages that have large numbers of users and important risk is too great. “