Google Online Security Blog: Introducing nogotofail—a network traffic security testing tool

Introducing nogotofail—a network traffic security testing tool

4. November 2014

HTTPS everywhere
The Android Security Team has built a tool, called nogotofail, that provides an easy way to confirm that the devices or applications you are using are safe against known TLS/SSL vulnerabilities and misconfigurations. Nogotofail works for Android, iOS, Linux, Windows, Chrome OS, OSX, in fact any device you use to connect to the Internet. There’s an easy-to-use client to configure the settings and get notifications on Android and Linux, as well as the attack engine itself which can be deployed as a router, VPN server, or proxy.
We’ve been using this tool ourselves for some time and have worked with many developers to improve the security of their apps. But we want the use of TLS/SSL to advance as quickly as possible. Today, we’re releasing it as an open source project, so anyone can test their applications, contribute new features, provide support for more platforms, and help improve the security of the Internet.

Posted by Chad Brubaker, Android Security Engineer

2 Kommentare :

Pattie hat gesagt…: Good information; 4. November 2014 um 13:51
Rony KB hat gesagt…: How will install it and test our https site using this tool?; 5. November 2014 um 07:24

Kommentar veröffentlichen

Security Blog

Introducing nogotofail—a network traffic security testing tool

2 Kommentare :

Labels

Archive

Feed