Forum latest

Boffins bust web authentication with game consoles
Written by Danrok   
Tuesday, 30 December 2008 12:11

From The Register:

PS3 fleet spoofs SSL certs

Researchers have uncovered a weakness in the internet's digital certificate system that allows them to forge counterfeit credentials needed to impersonate virtually any website that relies on the widely used security measure.

Armed with more than 200 PlayStation 3 game consoles, the researchers are able to create a secure sockets layer certificate for any website of their choosing. The forged certificate causes all the major browsers to display a message indicating the website the user is visiting is legitimate because it's been vetted by a trusted certificate authority using supposedly robust cryptographic measures.

[More...]         [Comments...]

Don't Click Here Don't Click Here Either