Post: Re: SSL vulnerable @ ido
Re: SSL vulnerable @ ido →
Posted Friday 1st August 2008 12:14 GMT
In Exploit code for Kaminsky DNS bug goes wild
What you've said is true but the attack is much simpler...Who actually checks a certificate? All it needs is a good mock up and the good old "lock" icon (showing us that everything is surely fine?) and it's enough to spoof most people who don't bother looking at the certificate.
Even if you did look, how many people would actually be able to determine if it was a real/fake cert?
It's careless on some peoples part but I would suspect most people are probably still caught in change management....groans
Most read
Popular Whitepapers
- Robin Johnson: Questions and Answers
Dell CIO Robin Johnson discusses the process of transforming its own IT infrastructure - Virtualization with the Intel Xeon Processor 5500 Series
A proof of concept - Thermal design of Dell PowerEdge server
T610, R610 and R710 - Business Ready Configurations for Virtualization
A Solution Guide - Real-world server consolidation with Hyper-V
35 HP ProLiant DL385 servers onto 5 Dell PowerEdge M610 blade servers running Hyper-V - A Cure for Server Sprawl
Dell Global Infrastucture Consulting helps DeKalb Medical
