Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages
-
The HTTPS cryptographic scheme, which protects millions of websites, is susceptible to a new attack that allows hackers to pluck e-mail addresses and certain types of security credentials out of encrypted pages, often in as little as 30 seconds. The technique, scheduled to be demonstrated Thursday at the Black Hat security conference in Las Vegas, decodes encrypted data that online banks and e-commerce sites send in responses that are protected by the widely used transport layer security (TLS) and secure sockets layer (SSL) protocols.
I'm a little tired, little wired, and I think I deserve a little appreciation!
-
The HTTPS cryptographic scheme, which protects millions of websites, is susceptible to a new attack that allows hackers to pluck e-mail addresses and certain types of security credentials out of encrypted pages, often in as little as 30 seconds. The technique, scheduled to be demonstrated Thursday at the Black Hat security conference in Las Vegas, decodes encrypted data that online banks and e-commerce sites send in responses that are protected by the widely used transport layer security (TLS) and secure sockets layer (SSL) protocols.
I'm a little tired, little wired, and I think I deserve a little appreciation!
Terrence Dorsey wrote:
I'm a little tired, little wired, and I think I deserve a little appreciation!
Gone in 60 Seconds.
cheers, Chris Maunder The Code Project | Co-founder Microsoft C++ MVP