Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 18 Sep 2014, 22:00
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Now that SSL has been cracked, watch out
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [2 Posts]  
Author Message
scsijon

Joined: 23 May 2007
Posts: 1042
Location: the australian mallee

PostPosted: Thu 06 Oct 2011, 00:00    Post subject:  Now that SSL has been cracked, watch out  

passing on from Opensuse, think this is the appropriate area.

regards
scsijon

-------------------------

Ever since rumors started to spread about Thai Duong and Juliano Rizzo's BEAST attack against SSL/TLS <http://www.infoworld.com/t/security/red-alert-https-has-been-hacked-174025>, onlookers have fretted as to just how serious a threat it poses. In a nutshell, the attack is serious -- though for the time being, it's difficult to pull off because a would-be attacker has to work pretty hard to ensure that the target meets multiple preconditions. Unfortunately, the tools to pull off the attack are certain to evolve -- and many IT organizations aren't even taking the simple, necessary steps to protect themselves today.

The mere fact that the attack can be successful at all is significant. SSL/TLS is a VPN technology. VPNs are, by definition, supposed to keep your information safe even when it's being transmitted via an insecure network medium and a malicious party can intercept your protected traffic. The BEAST attack somewhat breaks SSL/TLS's VPN protections. In this sense, it's fairly important. With the right preconditions, a cyber criminal can steal your protected HTTPS cookie, which then essentially allows him or her to highjack your active HTTPS session. Make no mistake about it: The BEAST attack works as claimed.

[More]

http://www.infoworld.com/d/security/now-ssl-has-been-cracked-watch-out-174852?source=IFWNLE_nlt_sec_2011-10-04

--
You can always count on Americans to do the right thing - after they've tried everything else.
Sir Winston Churchill

--
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 08 Oct 2011, 15:57    Post subject:  

Good you told us about this.
_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0416s ][ Queries: 12 (0.0053s) ][ GZIP on ]