Hackers Break SSL Encryption

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Adam_M
    Confirmed User
    • Mar 2006
    • 3800

    #1

    Hackers Break SSL Encryption

    This is going to be big news in the coming weeks!

    http://www.theregister.co.uk/2011/09...ts_paypal_ssl/
    DiscountedPorn.Com
    ReviewedPorn.com
  • raymor
    Confirmed User
    • Oct 2002
    • 3745

    #2
    This may be what Biden calls "a big fuckin deal". Anyone who accepts cards directly on their site or otherwise uses an ssl cert needs to pay attention to this.
    For historical display only. This information is not current:
    support@bettercgi.com ICQ 7208627
    Strongbox - The next generation in site security
    Throttlebox - The next generation in bandwidth control
    Clonebox - Backup and disaster recovery on steroids

    Comment

    • NALEM
      Confirmed User
      • Nov 2010
      • 3163

      #3
      Originally posted by Adam_M
      This is going to be big news in the coming weeks!

      http://www.theregister.co.uk/2011/09...ts_paypal_ssl/
      Thanks for the link. I just had this conversation with my programmers. For another project requiring secure transfers of data, they told me how vunerable we could be.
      "The time men spend in trying to impress others they could spend in doing the things by which others would be impressed."

      Comment

      • BIGTYMER
        Junior Achiever
        • Nov 2004
        • 17066

        #4
        Great...

        Comment

        • cooldude7
          Confirmed User
          • Nov 2009
          • 4306

          #5
          ouch BEAST is coming., lol...........

          Comment

          • cooldude7
            Confirmed User
            • Nov 2009
            • 4306

            #6
            endless possibilities.......

            Comment

            • Adam X
              Now Giving 1 Fuck Daily
              • Apr 2002
              • 2493

              #7
              Originally posted by cooldude7
              ouch BEAST is coming., lol...........
              Once upon a time there was S.A.T.A.N... now BEAST? This IS a BFD.
              Cronfund - Buy CRON now and earn 4% plus coin value. The best of DEFI!

              Comment

              • cooldude7
                Confirmed User
                • Nov 2009
                • 4306

                #8
                Originally posted by Adam X
                Once upon a time there was S.A.T.A.N... now BEAST? This IS a BFD.
                yepp its bd.,
                but
                c'mon dont tell me , you never thought , this is gonna happen someday.,

                Comment

                • Nathan
                  Confirmed User
                  • Jul 2003
                  • 3108

                  #9
                  Although I agree this is a big big problem, let's all accept the fact that Man-In-The-Middle attacks are not easy on the internet. You would need access to one of the main routers on the net to make this matter big time. Of course a spyware system running on a client's system is now able to decrypt SSL then, but it could grab the data after decryption anyway...

                  I know very few people that have access to major routers on the net and would use them to hack SSL streams.
                  "Think about it a little more and you'll agree with me, because you're smart and I'm right."
                  - Charlie Munger

                  Comment

                  • See Cig
                    Confirmed User
                    • Jan 2005
                    • 515

                    #10
                    Originally posted by Nathan
                    Although I agree this is a big big problem, let's all accept the fact that Man-In-The-Middle attacks are not easy on the internet. You would need access to one of the main routers on the net to make this matter big time. Of course a spyware system running on a client's system is now able to decrypt SSL then, but it could grab the data after decryption anyway...

                    I know very few people that have access to major routers on the net and would use them to hack SSL streams.
                    hmm.
                    that kinda access... lets think.. should be making.. 40k-75k a year....on the avg..
                    vs what it could make....
                    over night...
                    See Sig

                    Comment

                    • See Cig
                      Confirmed User
                      • Jan 2005
                      • 515

                      #11
                      See Sig

                      Comment

                      • TheDoc
                        Too lazy to set a custom title
                        • Jul 2001
                        • 13827

                        #12
                        So they have to actually be watching for that connection, pretty much in control of your computer or server or an entire network really, so no sniffing these out... making this really fucking hard. Then they still have to guess what some keys are.., it doesn't decrypt everything.. and it takes 30 mins to do one cookie - and they still have to guess at some data and the next transaction the encrypt changes?


                        While this needs to get fixed.... it's a rather weak hack.
                        ~TheDoc - ICQ7765825
                        It's all disambiguation

                        Comment

                        • adultchatpay
                          Let's Make Money
                          • Dec 2008
                          • 8785

                          #13
                          Whoa, that is something.

                          Comment

                          Working...