In an effort to beef up the security level on websites, a non-profit group called the Trustworthy Internet Movement (TIM) is making a list of sites that are “naughty or nice.” (Take that Santa!) The thought behind the list is to publicly call out sites in hopes that the bad press will cause them to change and update their security practices.
The group will initially focus on how sites use Secure Sockets Layer technology.
From the BBC: “Many websites use SSL to encrypt communications between them and their users. It is used to protect credit card numbers and other valuable data as it travels across the web.”
To test the sites, TIM is employing “white hat” hackers and even the inventor of SSL encryption himself, Taher Elgamal. According to TIM’s initial survey, over half the sites tested are using compromised versions of SSL.