[cabfpub] SSL BEASTie boys develop follow-up 'CRIME' web attack
Hill, Brad
bhill at paypal-inc.com
Mon Sep 10 16:35:44 MST 2012
An educated guess is that they would have already, if the issue required action on the part of Forum members.
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Phillip
Sent: Monday, September 10, 2012 11:04 AM
To: Rob Stradling
Cc: public at cabforum.org
Subject: Re: [cabfpub] SSL BEASTie boys develop follow-up 'CRIME' web attack
Apropos which:
Since this is a Google employee speaking as a Google employee, perhaps Google could share the technical details of the attack with the forum?
THAI DUONG [http://www.ekoparty.org/images/flag-vietnam.png] (GOOGLE)
The CRIME attack
We present a new set of attacks against old and new secure Internet protocols. Some of the most popular websites, browsers, and protocols are vulnerable. By vulnerable we meant the duo sitting next to you in coffee shops can get access to your emails, bank accounts, social networks, etc. We've worked with relevant parties to fix what can be fixed. We have a good news and a bad news for you. The good news is we've got working patches for most of the issues. The bad news is some of them might contribute to global warming. Let's upgrade and go plant some trees!
On Sep 10, 2012, at 12:50 PM, Phillip wrote:
The conference is on the 19-21 September
I guess we are going to want to discuss this at the NYC meeting.
On Sep 10, 2012, at 3:01 AM, Rob Stradling wrote:
Another attack on SSL/TLS to be announced soon...
http://www.theregister.co.uk/2012/09/07/https_sesh_hijack_attack/
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public
_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cabforum.org/pipermail/public/attachments/20120910/a3d168c8/attachment.html
More information about the Public
mailing list