DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 17th September 2012
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default Vulnerability in SSL encryption is barely exploitable

From http://h-online.com/-1708604

Quote:
Researchers have discovered that, where data sent over an encrypted HTTPS connection has undergone prior compression, the door is opened to attackers who, by modifying the data traffic in a targeted manner, are then able to crack the encryption.

Compression is supported by almost half of all web servers, including the servers at many prominent organisations such as Google and Twitter. Browser makers have, however, already reacted by disabling the additional functions which enable the vulnerability.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
WEP and TKIP Wi-Fi encryption methods to be discontinued J65nko News 0 17th June 2010 11:02 PM
Security: Encryption: Disk Encryption eurovive Other BSD and UNIX/UNIX-like 17 6th March 2010 04:09 AM
softraid encryption Sunnz OpenBSD Security 6 24th September 2009 04:58 AM
Installing FreeBSD and encryption? neurosis FreeBSD Security 1 1st November 2008 05:51 PM
encryption during rsync gkontos General software and network 7 13th June 2008 10:08 AM


All times are GMT. The time now is 04:46 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick