If you use your phone or other mobile device to access secure sites (HTTPS) like banking, you should be aware that a new attack has been discovered against HTTPS on mobile web browsers. The attack, called CRIME, targets TLS compression/SPDY and allows attackers to decrypt secure data streams. The concern is that most, if not all, mobile systems are vulnerable.
Desktop browsers like Chrome and Mozilla have been patched for this and IE doesn’t support TLS compression/SPDY at all. Safari doesn’t support SPDY but its TLS compression support is unknown.
This work, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.