Mikey Campbell
Four tech industry titans, Apple, Google, Microsoft and Mozilla, this week announced plans to move from Transport Layer Security (TLS) 1.0 and 1.1 to modern, more secure versions of protocol.
In a guest post to the WebKit blog, Apple software engineer Christopher Wood made the case for deprecating TLS 1.0 and 1.1 in favor of version 1.2 and the recently finalized version 1.3.
Wood, who specializes in public key infrastructure and crypto services, defines TLS as a critical internet security protocol for protecting web traffic as it moves between clients and servers. The tool "provides confidentiality and integrity" of often sensitive data, but legacy versions of TLS date back to 1999.
To safeguard users against potential exploitation of vulnerabilities like the BEAST browser and FREAK man-in-the-middle attacks, Wood suggests moving away from TLS 1.0 and 1.1. More specifically, the engineer says TLS 1.2 provides security "fit for the modern web."
Wood says Apple will deprecate Safari support for TLS 1.0 and 1.1 in forthcoming updates scheduled to release on iOS and macOS in March 2020. Apple currently uses TLS 1.2 as its standard, and 99.6 percent of TLS connections made from Safari rely on the modern protocol.
ArsTechnica reported on the coming change earlier today.
As part of an industry effort to transition away from old TLS versions, Google's Chrome, Microsoft's Edge and Mozilla's Firefox will also drop support during the same period. The Safari alternatives see metrics largely in line with those provided by Apple, with Firefox recording the highest percentage of legacy TLS use at 1.2 percent of all secure connections.
William Gallagher
Malcolm Owen
Amber Neely
Andrew O'Hara
Christine McKee
5 Comments
This sort of thing is why it's a bad idea to hang on to old software and old machines years after they're no longer supported. You can get away with that for a little while, but if you wait too long you are a sitting duck for security risks.
Remember the good old days when the main virus transmission method was the floppy disk?
Move forward or die with an expensive paperweight. Nothing is secure, just more secure...
Apple does a pretty good job with security and it’s never enough, but it’s probably better than the alternative.
Everywhere and everyone have been updating to smart home technology nowadays. Which does smart jobs and makes their work so simple. You are correct smart home devices aren’t cheap but they are long durable. That too apple products are costly. But we have to choose apple products because they don’t compromise on quality. Thanks for mentioning some smart home devices and reviewing it in detail. The introduction of smart home devices has been a blessing in disguise for all. Today you can even control your smart devices through your iphone also.