New bug LogJam threatens online identities acroos web
LogJam is a problem with encryption , which is the way computers secure data being transferred online so that third parties cannot intercept communications.
By Business Insider | Updated:
Researchers have just discovered an online vulnerability currently being called LogJam and it's believed to be affecting 8 per cent of the world's biggest websites. What makes it so severe, is that the vulnerability stems from the type of technology most websites use to keep our personal information safe as it travels throughout the Web.
LogJam is essentially a problem with encryption which is the way computers secure data being transferred online so that third parties have no way of intercepting communications. Using mathematical code, encryption translates all data into a huge garble of numbers that only the source and recipient can decode.
Researchers found that certain hackers can attack “keys“, which are the things that code and decode encrypted data. Keys are long strings of numbers that hide the content of the data being transferred. The longer the key, the more secure the code.
LogJam, however, makes it possible in certain situations for attackers to change these long, strong keys into shorter, weaker keys making them much easier crack. And, web browsers can't even tell that the keys have been tampered with.
LogJam affects more than 8 per cent of the top million websites on the internet, meaning that nearly one out of every ten website you go to likely has this issue. And there's even more bad news about our current encryption practices: The paper discussing this vulnerability also revealed that what are considered `midlevel' encryption keys are actually easier to crack than originally thought. This means that if a website uses these keys, well-resourced attackers can actually intercept those communications too.
The ramifications of LogJam are huge on a theoretical level, though perhaps less so in application. What makes the vulnerability seem so threatening is the idea that the current practice in place for protecting our online identities may not be as secure as we think.
“Cryptography makes certain promises about confidentiality, and this vulnerability violates that trust,“ Tod Beardsley from security firm Rapid7 wrote.In that sense, LogJam is similar to the Heartbleed bug, which was thought by many to be one of the most chilling online bug discoveries. Still, the point of entry for LogJam is very slight. The only way to successfully capitalise on the LogJam bug is to be on the same network as the person you're trying to intercept at the same time as them. Otherwise, you would need extensive digital resources. Business Insider
LogJam is essentially a problem with encryption which is the way computers secure data being transferred online so that third parties have no way of intercepting communications. Using mathematical code, encryption translates all data into a huge garble of numbers that only the source and recipient can decode.
Researchers found that certain hackers can attack “keys“, which are the things that code and decode encrypted data. Keys are long strings of numbers that hide the content of the data being transferred. The longer the key, the more secure the code.
LogJam, however, makes it possible in certain situations for attackers to change these long, strong keys into shorter, weaker keys making them much easier crack. And, web browsers can't even tell that the keys have been tampered with.
LogJam affects more than 8 per cent of the top million websites on the internet, meaning that nearly one out of every ten website you go to likely has this issue. And there's even more bad news about our current encryption practices: The paper discussing this vulnerability also revealed that what are considered `midlevel' encryption keys are actually easier to crack than originally thought. This means that if a website uses these keys, well-resourced attackers can actually intercept those communications too.
The ramifications of LogJam are huge on a theoretical level, though perhaps less so in application. What makes the vulnerability seem so threatening is the idea that the current practice in place for protecting our online identities may not be as secure as we think.
ADVERTISEMENT
“Cryptography makes certain promises about confidentiality, and this vulnerability violates that trust,“ Tod Beardsley from security firm Rapid7 wrote.In that sense, LogJam is similar to the Heartbleed bug, which was thought by many to be one of the most chilling online bug discoveries. Still, the point of entry for LogJam is very slight. The only way to successfully capitalise on the LogJam bug is to be on the same network as the person you're trying to intercept at the same time as them. Otherwise, you would need extensive digital resources. Business Insider
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
Related Articles
Psychology says fear of replacement can quietly destroy love: Why your partner’s silence, late replies, and online activity trigger deep emotional panic2026-06-11T18:10:30Z- Ramani Kalyanam OTT release date confirmed: When and where to watch the Telugu romantic drama online2026-06-10T12:22:45Z
- PhonePe launches AI-powered SmartPages to help merchants go online in 10 minutes2026-06-10T04:52:22Z
ADVERTISEMENT
