Tuesday, February 24, 2009

More SSL Mischief and Sleight of Hand

TechRepublic ran an interesting post today by Michael Kassner on its IT Security blog about some tricks for bypassing SSL, the darling of security for e-commerce web sites.

The post has details and slides from presentations at the recent Black Hat DC 09 conference on the subject. Interestingly, the exploits are mostly Man-In-The-Middle (MITM) attacks, or those that fool users into non-HTTPS sites, rather than cracking the algorithms behind SSL.


Post a Comment

<< Home