Announcement

Collapse
No announcement yet.

Interesting SSL certificate attack

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Interesting SSL certificate attack

    The idea being that your web browser trusts certificate authorities (like verisign) in other foreign nations. Those CAs can be forced by their government to create a false certificate for say like http://www.bankofamerica.com. The end user would notice nothing wrong if sent to a fake site.

    Abstract: This paper introduces a new attack, the compelled certificate creation attack, in which government agencies compel a certificate authority to issue false SSL certificates that are then used by intelligence agencies to covertly intercept and hijack individuals' secure Web-based communications. We reveal alarming evidence that suggests that this attack is in active use. Finally, we introduce a lightweight browser add-on that detects and thwarts such attacks.
    https://docs.google.com/viewer?url=h...t/ssl-mitm.pdf
    Tags: None
    #2
    Very interesting. I'll have to read teh PDF link when I have some more time.
    [SIZE=1][B]"Now more than ever the people are responsible for the character of their Congress. If that body be ignorant, reckless, and corrupt, it is because the people tolerate ignorance, recklessness, and corruption." ~President James Garfield[/B][/SIZE]
    <<< Please [URL="http://www.cainslair.com/misc.php?do=donate"]donate[/URL] >>>

    Comment

      #3
      Interesting indead, I had just head about this. Dang it, looks like I'll have to start using FF for all banking and SSL secured connections.
      [IMG]http://thepebkac.net/images/sigs/Outdoors_sig.jpg[/IMG]
      Like the community? Donate here:
      [URL="http://www.cainslair.com/misc.php?do=donate"]http://www.cainslair.com/misc.php?do=donate[/URL]

      Comment

      Previous template Next

      Cain's Lair Forums Statistics

      Collapse
      Topics: 26,187   Posts: 269,854   Members: 6,183   Active Members: 4
      Welcome to our newest member, Fermin13Q.

      Today's Birthdays

      Collapse

      There are no members with birthdays today.

      Top Active Users

      Collapse
      There are no top active users.

      More Posts

      Collapse
      • Reply to Hi guys!
        by Apache Warrior
        Hello Ghost. I hope you are doing well.
        Apache
        5 Jan 2025, 11:35 AM
      • Reply to Hi guys!
        by GhostHunter2024
        HAPPY NEW YEAR !!
        Well - just got back on my PC and played Delta Force game, Path of Exil 2, Diablo 4, BO6 and some WItcher3 , Ghost Recon Breakpoint...
        4 Jan 2025, 05:07 AM
      • Reply to New OLD "Private" is BACK to the LAIR
        by GhostHunter2024
        Yes, indeed. Have hardly time to GAME, to busy in the real world. Will see what 2025 brings and what games ?!
        Oh btw HAPPY NEW YEAR !!
        Best...
        4 Jan 2025, 05:02 AM
      View All
      Working...
      X