Picking the lock on SSL
January 13, 2009 by Valerie HelmbreckPosted in: Communication, Compliance, In this week's e-newsletter, Information security, Latest News & Views, Software, Web browsers
Security for the IT pro is as unrelenting a task as raising kids or untangling fine wire. No matter how hard you work at it, something always comes along to spoil your hard work and vigilance.
And as if IT pros didn’t have enough to worry about, one of the cornerstones of Internet security may not be as solid as generally believed.
A team of U.S. and Dutch researchers say they successfully created a rogue certification authority (CA) to create digital certificates (SSL) accepted by all major web browsers.
This would allow an attacker to perfectly impersonate secure Web sites and e-mail servers to carry out phishing attacks.
Internet security experts predict this may prompt a fresh assault of cybercrime. The remedy: More secure Web cryptographic standards.
For more information on what’s happening, read here.
FinanceTechNews.com delivers the latest Finance news once a week to the inboxes of over 150,000 Finance professionals.
Click here to sign up and start your FREE subscription to FinanceTechNews!
Tags: certification authority, cybercrime, Internet, researchers, security, SSL
March 2nd, 2009 at 9:38 am
Thanks for helping us out!
May 26th, 2009 at 10:13 am
Nice blog post, a good read, i’ll be bookmarking this.