Archive | 2015

Bypass or Disable error – Server has a weak, ephemeral Diffie-Hellman public key

Sometimes when browser vendors try to help make the world more secure, they actually cause more inconvenience that necessary. Recently both Firefox and Chrome/Chromium stopped supporting weak ephemeral Diffie-Hellman public keys – this was in the hope of mitigating the LogJam attack that surfaced a few months ago. The problem is that many industry standard bits […]


PCI Compliance – Choose your ASV wisely

If you run a website that takes payments from customers then there is a good chance you have come across the term PCI Compliance – PCI being an abbreviation for the Payment Card Industry. I spend a considerable amount of time in my day job dealing with PCI ASVs (Approved Service Vendors) and the reports […]