https means nothing | Information Technology / Computer Talk | Forum

A A A
Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
https means nothing
November 16, 2009
8:46 am
Avatar
Guest
Guests

You fellas probably should know that ssl has been largely broken for some months. Mainly by this guy named moxie marlinspike. Here where he talks about how it's done.
AUDIO LINK

Mostly renders ssl useless, so don't trust your certificates authority. Don't do on-line banking and don't send sensitive information over the wires like credit-card numbers. ssl is now broken and this is an interesting panel you should listen to it.

October 5, 2010
5:13 pm
Avatar
mrmonsoon
Member
Members
Forum Posts: 89
Member Since:
October 3, 2010
sp_UserOfflineSmall Offline

For those less computer knowledgeable....

HTTPS:Hyper Text Transfer Protocol Secure

This is supposed to add a layer of security for doing things like online purchases and such.

What the OP means is that as far as security is concerned, it is a big failure.

Hackers have gotten into HTTPS and SSL so they are no longer secure.

December 21, 2010
2:05 am
Avatar
chrisv25
Member
Members
Forum Posts: 175
Member Since:
December 20, 2010
sp_UserOfflineSmall Offline

this is what i do for a living (A+, N+, cisco, MSCP) and i hate to tell you...

There is a fundamental flaw in internet architecture that make any site vulnerable to a man in the middle attack no matter how well encrypted or secured or tied up with a pretty bow 🙂 this includes ARPANET, MILnet, and just about any WAN. if you want secure return to Minitel or a BBS system.

this 'flaw' will continue to be a problem until the router hash table system is dumped for something slower but more secure...personally I think the NSA and NRO put it there on purpose, but that's just speculation on my part.

But the truth is that none of us are likely targets for stealing our account info. We just don't matter that much.

January 5, 2011
8:16 am
Avatar
sandra
Member
Members
Forum Posts: 3858
Member Since:
December 4, 2009
sp_UserOfflineSmall Offline

Interesting information.
Its a good thing that when I do online purchasing I never
use a major credit card. I add funds
to a debit for the exact amount of the transfer.

“Living backwards!” Alice repeated in great
astonishment. “I never heard of such a thing!”
“—but there’s one great advantage in it, that one’s
memory works both ways.”
— Lewis Carroll, Through the Looking-Glass

May 30, 2011
4:36 am
Avatar
CodeBlackv2
Member
Members
Forum Posts: 417
Member Since:
July 28, 2010
sp_UserOfflineSmall Offline

Registering "*<null>mydomain.com" creates a certificate that is a valid substitute for every site on the net? Cooooooool! Money, money, money, money.
"I wish I had some loftier goal, but in the end it's the money." -Speed
"It's not about the money. It's about the money." -my doctor

I'm watching The Italian Job. That was about the money. Next up, Oceans 11, Entrapment and Die Hard.

Forum Timezone: America/Los_Angeles

Most Users Ever Online: 288

Currently Online:
77 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

greeney2: 10239

bionic: 9870

Lashmar: 5289

tigger: 4576

rath: 4297

DIss0n80r: 4161

sandra: 3858

frrostedman: 3815

Wing-Zero: 3278

Tairaa: 2842

Member Stats:

Guest Posters: 2

Members: 24137

Moderators: 0

Admins: 2

Forum Stats:

Groups: 8

Forums: 31

Topics: 8730

Posts: 123496

Newest Members:

Von wahlde, lyon smith, Andrew Witmark, Charlie, JeffreyHollister, lora beth, DEFENCE SECTOR, Inger Kercado, kanye, Patriotic American

Administrators: John Greenewald: 585, blackvault: 1776