[pchelpers] News:Researchers devise undetectable phishing attack

• From: John Durham <john.modec@xxxxxxxxxx>
• To: PC-Helpers <pchelpers@xxxxxxxxxxxxx>
• Date: Wed, 31 Dec 2008 07:38:13 +1300

by Robert McMillan
December 30, 2008, 11:19 AM —  IDG News Service —  

With the help of about 200 Sony Playstations, an international team of
security researchers have devised a way to undermine the algorithms used
to protect secure Web sites and launch a nearly undetectable phishing
attack.

To do this, they've exploited a bug in the digital certificates used by
Web sites to prove that they are who they claim to be. By taking
advantage of known flaws in the MD5 hashing algorithm used to create
some of these certificates, the researchers were able to hack Verisign's
RapidSSL.com certificate authority and create fake digital certificates
for any Web site on the Internet.

More here:
http://www.itworld.com/node/59921
-- 
John Durham
Site http://modecideas.com
Server hosted on Ubuntu 4.10
Good advice is like good paint. It only works when applied.



-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription