Last Comments

snorkel (Data Warehouse / …): Oracle seems like a huge …
frak (Article Bot is fi…): Well thanks for being the…
random (Article Bot is fi…): Curious Statement from th…
frak (Article Bot Spyin…): For the answer see this u…
Bob (Pivot 1.30 Alpha.…): And this is what a commen…

Search

Search for words used in entries on this website

Archives

01 Nov - 30 Nov 2007
01 Jun - 30 Jun 2007
01 Dec - 31 Dec 2006
01 Nov - 30 Nov 2006
01 Jul - 31 Jul 2006
01 Jun - 30 Jun 2006
01 Apr - 30 Apr 2006
01 Mar - 31 Mar 2006
01 Feb - 28 Feb 2006
01 Jan - 31 Jan 2006
01 Dec - 31 Dec 2005
01 Oct - 31 Oct 2005
01 Sep - 30 Sep 2005
01 Aug - 31 Aug 2005
01 Feb - 28 Feb 2005
01 Jan - 31 Jan 2005

Links

Miscellany

Powered by Pivot - 1.40.5: 'Dreadwind' 
XML: RSS Feed 
XML: Atom Feed 

« DIY green Power | Home | Bionic eyes »

Exploit to take over domains

Not sure how this one works - apparently we are all vulnerable (as in the major web browsers are)  You can find a commentry of it here on boing boing

What makes this more dire than usual is it allows the hacker to spoof the domain AND the SSL.  So now you can be on a web site that looks like the real thing AND has the correct SSL certificate information.

To work it uses IDN support.

What is really stupid, is that the attack method was first written about in 2001 - before any browser had implemented the feature...

Depending on who you beleive, there is, or is not, a solution for Mozilla users...


No comments:

No trackbacks:

Trackback link:

Please enable javascript to generate a trackback url

  
Remember personal info?

/ Textile

this is to stop spam bots causing me pain.
 

  (Register your username / Log in)

Notify:
Hide email:

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.