Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Researchers Find, Analyze Forged SSL Certs In The Wild

An anonymous reader writes: A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL certificates are in the wild. Lead by Lin-Shung Huang, PhD candidate at Carnegie Mellon University and, during the research, an intern with the Facebook Product Security team, they have created a new method for websites to detect these attacks on a large scale: a widely-supported Flash Player plugin was made to enable socket functionalities not natively present in current browsers, so that it could implement a distinct, partial SSL handshake to capture forged certificates.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Researchers Find, Analyze Forged SSL Certs In The Wild

Comments Filter:

"Experience has proved that some people indeed know everything." -- Russell Baker

Working...