Tackling Logjam
Wondering what fixing Logjam has to do with security? Keep reading. This logjam is not the literal kind, and it has a lot to do with security.
It is the name of the newest security vulnerability, explained here, or on the technical paper from the same site.
Logjam, as explained by the group of cryptographers who named it, is a flaw in TLS encryption. From their site, “Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.”
There are several weaknesses in how that key exchange is deployed explained in the technical paper. This vulnerability could affect websites, mail servers, and other TLS-dependent services that support the ciphers that are at risk for the Logjam attack.
Read more about who is affected and what to do on https://weakdh.org/
How is SendThisFile Mitigating Logjam?
As soon as we heard about Logjam, our team went to work researching what it was all about. We currently have Logjam mitigation in place on all of our servers. With this mitigation, users to our service shouldn’t notice anything different and there was no disruption of service. Should you have any technical questions on our mitigation and how it relates to your account, please contact us at 316-942-4707.
About The Author
Carreen Gibbons
Carreen Gibbons is the Marketing Communications Manager at SendThisFile. She's worked in technology related fields since 2010 and marketing/communications since 1996. Working at SendThisFile, a leader in helping businesses control how data is shared, has given her the opportunity learn about online security through writing. In her free time, she likes to ride bikes, learn Turkish (Merhaba!) and play with techno-gadgets.