99% of all secure websites may be vulnerable

Here is a advisory on the SSL/TLS attack that Juliano Rizzo presented  at the ekoparty Security Conference.  It appears that 99% of all secure websites in the world that contains a vulnerability that enables a hacker to to do a sucessfull man-in-the-middle attack. These websites are using SSL/TLS 1.0 TLS v1.1 and newer versions don’t have this vulnerability, but are hardly used. The attack is a new fast block-wise chosen-plaintext attack against SSL/TLS 1.0.

Advertisements

~ by petergullberg on November 5, 2011.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: