Linux Today: Linux News On Internet Time.

More on LinuxToday

Attack on SSL Users Discovered, Tool Sources Released

Feb 25, 2009, 17:04 (1 Talkback[s])
(Other stories by Nils Magnus)


Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js

"Often users ignore warning dialogs and click through them. In the case of an sslstrip intervention, the user doesn't even get the warning dialogs, because no apparent invalid HTTPS connection is created. His browser simply doesn't create a secure connection. The kind of MITM attacks this can provide, and how users might be totally unaware of them, is clearly indicated in Marlinspike's "New Tricks for Defeating SSL in Practice" slides."

Complete Story

Related Stories: