9 posts tagged with SSL. (View popular tags)
Displaying 1 through 9 of 9. Subscribe:

Related tags:
+ (4)


Users that often use this tag:
crunchland (2)
Two days ago a user asked Google about a strange warning he was getting when trying to access Gmail from Iran. Turns out he was getting a fraudulent SSL certificate that was issued incorrectly for *.google.com by DigiNotar, a Dutch certificate authority. It seems likely this was a deliberate man-in-the-middle attack to snoop email in Iran. This attack is the second SSL certificate compromise in a year (previously), pointing to a fundamental design flaw in Internet security. [more inside]
posted by Nelson on Aug 30, 2011 - 45 comments

The circumstantial evidence suggests that the attack originated in Iran. Every time you see a little lock icon in your browser and are using HTTPS connections, odds are you're using a site whose certificate was signed by an Certificate Authority like VeriSign, Comodo, or Thawte. This week, SSL certificate provider Comodo announced that one of its accounts had been compromised. The attacker used the account to generate 9 bogus certificates to use for 7 well-known domains. While the breach was discovered and the certificates were revoked, it does raise questions about the chain of trust for all SSL certificates. [more inside]
posted by fifteen schnitzengruben is my limit on Mar 24, 2011 - 49 comments

LastPass is the last password manager you'll ever need. Available on almost all common platforms, its easy to use, and free. [more inside]
posted by crunchland on Jul 11, 2010 - 73 comments

Starting today, Starbucks is offering free wifi in all of their US and Canadian stores. This has computer security folks a little edgy, since it could allow hackers and computer miscreants new opportunities to steal the data of unsuspecting computer users, and prompted Steve Gibson, computer security guru, to advise people to "just be afraid. Be very afraid." This applies to people who use laptops, wifi enabled cellphones and pdas. But there are ways to protect yourself. [more inside]
posted by crunchland on Jul 1, 2010 - 93 comments

DVDs to save the music industry (video interview) Record Producers discuss illegal downloads, home studios and why 5.1 DVD sound just might be the future. [more inside]
posted by Lanark on Jun 15, 2009 - 62 comments

Your Gmail account isn't secure. Announced at Defcon 16, Jay Beale's tool, The Middler (man-in-the-middle) to steal session ID from not only Gmail users, but LinkedIn, LiveJournal, Facebook, and presumably any site that uses a session-based cookie. Enable https permanently. (previously)
posted by sluglicker on Aug 28, 2008 - 53 comments

On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] [more inside]
posted by finite on May 16, 2008 - 81 comments

What do a balding man with a unique talent, shopping carts, and Extended Validation SSL Certificates have in common? Well, this: Liberty Fillmore: The Cart Whisperer (YT). Won't you think of the carts and visit No More Abandoned Carts today?
posted by schleppo on Feb 28, 2008 - 10 comments

Eudora Releases 5.1... an incremental release is seldom worth a post, but with 5.1 comes support for SSL! Which makes me very happy: our SysAdmin banned us from hooking up to our mail server until we had an e-mail client that was A) SSL-enabled and B) not a product of Microsoft... finally! I can get my corporate e-mail without having it forwarded to my Yahoo! e-mail account! : )
posted by silusGROK on Apr 23, 2001 - 18 comments

Page: 1