Hackers Break SSL Encryption
 

This is going to be big news in the coming weeks!

http://www.theregister.co.uk/2011/09...ts_paypal_ssl/

This may be what Biden calls "a big fuckin deal". Anyone who accepts cards directly on their site or otherwise uses an ssl cert needs to pay attention to this.

Thanks for the link. I just had this conversation with my programmers. For another project requiring secure transfers of data, they told me how vunerable we could be.

Great... :(

ouch BEAST is coming., lol...........

endless possibilities.......

Once upon a time there was S.A.T.A.N... now BEAST? This IS a BFD.

yepp its bd.,
but
c'mon dont tell me , you never thought , this is gonna happen someday.,

Although I agree this is a big big problem, let's all accept the fact that Man-In-The-Middle attacks are not easy on the internet. You would need access to one of the main routers on the net to make this matter big time. Of course a spyware system running on a client's system is now able to decrypt SSL then, but it could grab the data after decryption anyway...

I know very few people that have access to major routers on the net and would use them to hack SSL streams.

hmm.
that kinda access... lets think.. should be making.. 40k-75k a year....on the avg..
vs what it could make....
over night...

http://images.moviepostershop.com/ba...1020249754.jpg http://1.bp.blogspot.com/_6pF_dBlcw6...ll_night_s.jpg

So they have to actually be watching for that connection, pretty much in control of your computer or server or an entire network really, so no sniffing these out... making this really fucking hard. Then they still have to guess what some keys are.., it doesn't decrypt everything.. and it takes 30 mins to do one cookie - and they still have to guess at some data and the next transaction the encrypt changes?


While this needs to get fixed.... it's a rather weak hack.

Whoa, that is something.