Akula Posted September 30, 2011 Report Share Posted September 30, 2011 We just had Moxie Marlinspike talk at our Security Conference. He talked about his Convergence project. I like his take on SSL and signing authorities and like the way convergence works. Qualys launched 2 notaries as a result of his work, and ours, with SSL. check it out, its a firefox plugin http://www.convergence.io Quote Link to comment Share on other sites More sharing options...
AWW$HEEET Posted September 30, 2011 Report Share Posted September 30, 2011 Lots of CA's getting compromised lately... Quote Link to comment Share on other sites More sharing options...
Not Brian Posted September 30, 2011 Report Share Posted September 30, 2011 T!GER M@TE Quote Link to comment Share on other sites More sharing options...
AWW$HEEET Posted September 30, 2011 Report Share Posted September 30, 2011 T!GER M@TE Lol, something like that. Quote Link to comment Share on other sites More sharing options...
Akula Posted October 1, 2011 Author Report Share Posted October 1, 2011 The Comodo attack freaking kills me. Quote Link to comment Share on other sites More sharing options...
AWW$HEEET Posted October 1, 2011 Report Share Posted October 1, 2011 Can't really recall what happened with comodo, but I remember hearing of it. I think that was the first one in a recent wave of attacks, then I believe another, then recently diginotar. Quote Link to comment Share on other sites More sharing options...
Draco-REX Posted October 1, 2011 Report Share Posted October 1, 2011 http://imgs.xkcd.com/comics/password_strength.png Quote Link to comment Share on other sites More sharing options...
Akula Posted October 1, 2011 Author Report Share Posted October 1, 2011 Comodo was compromised and generated certs for google mail, facebook, etc.... The CEO of Comodo said "it was an APT (Advanced Persistant Threat) from IRAN. We were attacked by IRAN, he kept saying how it was the iranian govt. Moxie looked at his web servers for his SSL tools and the same IP showed up with a referrer string from a youtube video on how to hack SSL. It wasn't an APT attack, it was script kiddie!!! Quote Link to comment Share on other sites More sharing options...
AWW$HEEET Posted October 6, 2011 Report Share Posted October 6, 2011 HAH. Win. On another note, I am taking my GCIH in February 2012. I may change my mind and go for the GCIA, but I am undecided. Quote Link to comment Share on other sites More sharing options...
CRed05 Posted October 6, 2011 Report Share Posted October 6, 2011 I just found out today that google has an https beta. https://encrypted.google.com/ /CSB Quote Link to comment Share on other sites More sharing options...
Akula Posted October 8, 2011 Author Report Share Posted October 8, 2011 Interesting. I can now do research on google and the data sent back to me is encrypted. No TLS 1.2 though. ssllabs.com <-- check out the strength of SSL on any site. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.