https means nothing | Information Technology / Computer Talk | Forum

A A A
Avatar
Please consider registering
Guest
Search
Forum Scope




Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Register Lost password?
sp_Feed sp_TopicIcon
https means nothing
Avatar
Guest
Guests
1
November 16, 2009 - 8:46 am
sp_Permalink sp_Print

You fellas probably should know that ssl has been largely broken for some months. Mainly by this guy named moxie marlinspike. Here where he talks about how it's done.
AUDIO LINK

Mostly renders ssl useless, so don't trust your certificates authority. Don't do on-line banking and don't send sensitive information over the wires like credit-card numbers. ssl is now broken and this is an interesting panel you should listen to it.

Avatar
mrmonsoon
Member
Members
Forum Posts: 90
Member Since:
October 3, 2010
sp_UserOfflineSmall Offline
2
October 5, 2010 - 5:13 pm
sp_Permalink sp_Print

For those less computer knowledgeable....

HTTPS:Hyper Text Transfer Protocol Secure

This is supposed to add a layer of security for doing things like online purchases and such.

What the OP means is that as far as security is concerned, it is a big failure.

Hackers have gotten into HTTPS and SSL so they are no longer secure.

Avatar
chrisv25
Member
Members
Forum Posts: 176
Member Since:
December 20, 2010
sp_UserOfflineSmall Offline
3
December 21, 2010 - 2:05 am
sp_Permalink sp_Print

this is what i do for a living (A+, N+, cisco, MSCP) and i hate to tell you...

There is a fundamental flaw in internet architecture that make any site vulnerable to a man in the middle attack no matter how well encrypted or secured or tied up with a pretty bow 🙂 this includes ARPANET, MILnet, and just about any WAN. if you want secure return to Minitel or a BBS system.

this 'flaw' will continue to be a problem until the router hash table system is dumped for something slower but more secure...personally I think the NSA and NRO put it there on purpose, but that's just speculation on my part.

But the truth is that none of us are likely targets for stealing our account info. We just don't matter that much.

Avatar
sandra
Member
Members
Forum Posts: 3859
Member Since:
December 4, 2009
sp_UserOfflineSmall Offline
4
January 5, 2011 - 8:16 am
sp_Permalink sp_Print

Interesting information.
Its a good thing that when I do online purchasing I never
use a major credit card. I add funds
to a debit for the exact amount of the transfer.

“Living backwards!” Alice repeated in great
astonishment. “I never heard of such a thing!”
“—but there’s one great advantage in it, that one’s
memory works both ways.”
— Lewis Carroll, Through the Looking-Glass

Avatar
CodeBlackv2
Member
Members
Forum Posts: 418
Member Since:
July 28, 2010
sp_UserOfflineSmall Offline
5
May 30, 2011 - 4:36 am
sp_Permalink sp_Print

Registering "*<null>mydomain.com" creates a certificate that is a valid substitute for every site on the net? Cooooooool! Money, money, money, money.
"I wish I had some loftier goal, but in the end it's the money." -Speed
"It's not about the money. It's about the money." -my doctor

I'm watching The Italian Job. That was about the money. Next up, Oceans 11, Entrapment and Die Hard.

Forum Timezone: America/Los_Angeles
Most Users Ever Online: 288
Currently Online: Straight Zeke the Geek
48
Guest(s)
Currently Browsing this Page:
1 Guest(s)
Top Posters:
greeney2: 10322
bionic: 9871
Lashmar: 5290
tigger: 4577
rath: 4298
DIss0n80r: 4162
sandra: 3859
frrostedman: 3816
Wing-Zero: 3279
Tairaa: 2843
Newest Members:
Ballbon
emoji
romandavis
L Stone
Jessica
grag harley
Joe Buteo
Paul
Matt Simons
tararubena
Forum Stats:
Groups: 8
Forums: 31
Topics: 9302
Posts: 124804

 

Member Stats:
Guest Posters: 2
Members: 25064
Moderators: 0
Admins: 2
Administrators: John Greenewald, blackvault