5 ways to tackle an insufficient HTTPS implementation
Earlier this year I wrote about 5 ways to implement HTTPS in an insufficient manner (and leak sensitive data) [https://www.troyhunt.com/2013/04/5-ways-to-implement-https-in.html]. The entire premise of the post was that following a customer raising concerns about their SSL implementation, Top CashBack went on to assert that everything that needed to be protected, was. Except it wasn’t, at least not sufficiently and that’s the rub with SSL; it’s not about having it or not having it, it’s about un...