Secure web connection snooping?

Oh you’ve got to be kidding me.

A published report came out a bit ago about a hacker who basically destroyed the entire trust relationship scheme on the internet. I’m talking about digital certificates, those little pieces of computer code that verify the identity of a web site, or are used to secure a web connection between a server and a user. So why is this important? When you connect to a web server and see that little green title-bar or a closed lock icon, you know your connected to the right site and that the data you send back and forth is secure, encrypted and protected.

This hacker allowed a third party to crack that protection and view everything that was being transmitted. Now this might be a danger for those of us who bank online, but it was horrible and life threatening for activists in Iran. It turns out that the hacker gave this ability to the Iranian government who then used it to keep tabs on these activists during the Arab spring.

From the certificate store...
From the certificate store…

She not merely noted sensation greater but in addition a additional beneficial sensation about her general good becoming. tadalafil soft tablets sildenafil 100mg tab This is not just going to save you money. Also not all female benefit from lingering sexual intercourse, they can get desiccated viagra cialis & may turn painful. They can take it in different sessions and the course is designed to suit the responsible and hectic tadalafil overnight delivery lifestyles of the adult drivers. So how did the hacker manage to do this? It was sadly easier then you’d think. The company who issues these very important certificates was slack. Very, very, (very, very, very,) slack. The audit revealed that the company’s servers had malicious software, lacked anti-virus software and all used the same very simple password.

Wait, what??

This is a company who is charged with protecting the security and safety of the entire Internet. Their servers issue certificates that prove the trust relationship and other certificate servers believe them and then users believe these servers. Sigh. If these “security experts” aren’t keeping up with basic security practices what chance do we have?

~Geof “certificate revoked” Franklin

Facebooktwitterredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *