Chrome and the latest Windows 10 April Update have a very big issue together, considering the millions of PCs running Windows 10 AND Chrome worldwide. Chrome will not open up SSL based sites after the latest April Windows 10 update . Some are pointing to the CryptSvc [Windows certificates service] as the cause of the issue or creating a conflict with Chrome. Going over the various sites covering this issue, it is clear that a viable solution has not been found. Consumers and businesses end up reformatting drives or reinstalling Windows 10 fresh without the latest version update , or worse, chasing false hopes such as “uninstall your anti virus” [that is not the issue and a poor decision] or “stop the CryptSvc” [very bad, and wrong, idea].
Windows 10 April Update – Chrome now just “Establishing secure connection..”
The secure connection problem points to TLS or HTTPS or even the new ‘QUIC’ technology perhaps? This is just intuition at this point, but I would guess that QUIC is involved – it is a Google creation that ties in with data transport, and the symptoms point to it as a possible culprit that does not play nice with the latest Windows 10 update.
QUIC is a new transport which reduces latency compared to that of TCP. On the surface, QUIC is very similar to TCP+TLS+HTTP/2 implemented on UDP. Because TCP is implemented in operating system kernels, and middlebox firmware, making significant changes to TCP is next to impossible. However, since QUIC is built on top of UDP, it suffers from no such limitations.
This is actually [indirectly] courtesy of the US Government’s NSA, from a few years ago. They actually created the code that exploits Microsoft Servers that face the internet directly.
“It’s been almost a week since the City of Atlanta was hit by a ransomware attack, which encrypted city data and led to the shutdown of some services.
Mayor Keisha Lance Bottoms said in a press conference Monday that the city’s government is working on recovering the network after ransom notes appeared on computer displays on Thursday afternoon. The city has hired local cybersecurity firm SecureWorks to assess the situation.
Reports say the notorious SamSam ransomware was used in the Atlanta attack, which exploits a deserialization vulnerability in Java-based servers. Details of the attack remain largely unknown, but an early investigation may have identified who is behind the attack, said SecureWorks chief executive Michael Cote. Almost a million dollars has been reaped from other businesses that were infected and paid the ransom. It’s not known if Atlanta will pay the ransom.”
Good SSL Checker – gives lots of details on encryption levels, expiration dates, basic hack defense status etc.
Comodo SSL Analyzer
This is the only link [the first one, below] or site that matters when it comes to the Equifax hack. There are many phishing websites disguising themselves, and reports are coming in that hoax or fake emails are popping into Inboxes. Use caution. ONLY go through Equifax, seeming as though they are the ones who caused the mess. As they likely already have your identity, and then lost it via a hack, you may as well follow the steps off the link below to get yourself courtesy identity theft protection for a few years [that is their penance].
I would even emphasize that you should not take my [or anyone’s] word for it, and double check on Equifax’s website yourself.
Cross reference with the FTC:
This is a wonderful overview of the “Darknet” and the Thor browser.
Darknet 101: Your guide to the badlands of the internet
“Hacked login details. Cybersecurity exploits for hire. Drugs, guns and ammo. If there’s something shady going on online, chances are it’s happening on the darknet.”
Read it Here
At first, I thought this was a new beer, ha ha. But it’s just a ‘light’ version of Twitter. It is designed for users tweeting off slower networks or small data plans. Great idea!