The Electronic Frontier Foundation’s SSL Observatory has found that thousands of SSL certificates used to authenticate HTTPS sites are effectively useless, owing to weak algorithms used to generate the random numbers that are needed for encryption.
By analyzing each certificate, the researchers found that one in 500 certificates are currently insecure, meaning that tens of thousands of sites across the web are vulnerable to eavesdroppers.
Full Story: EFF says that thousands of SSL certificates ‘offer effectively no security’