Site Certificates Forged; Internet Security Not So Secure

from the lock-and-key dept

Ed Felten has the details on a rather worrisome bit of information released by some security researchers on how to forge site certificates. Generally speaking, secure certificates for sites were considered to a pretty definite sign that you were safely connected to a particular site -- and transferring any data between you and that site securely. The ability to forge such certificates throws all that into doubt, and it severely disrupts the ability to be confident in a secure transaction online. Felten describes how this is fixable (though, some certification authorities should have made changes a while ago to prevent this), but it's yet another reminder that what's secure today might not be so secure tomorrow.

11 Comments | Leave a Comment..

Search Techdirt

And now, a word from our Sponsors..

15% off discount for Techdirt Readers

Popular Posts

Poll

Add Techdirt RSS To Your Reader

Subscribe to Techdirt's Daily Email Newsletter

Older Stuff

Tuesday
1:56pm:	Jury Says Fictional Character Can Be Libelous (28)
12:44pm:	Spam King Alan Ralsky Gets Four Years In Jail (26)
11:39am:	Publishers Getting The Wrong Message Over eBook Piracy (39)
10:28am:	Calling For An Independent Invention Defense In Patents (26)
9:12am:	Microsoft Tries To Silence Revelation Of Bing Cashback Flaws; Leads To Revelation Of Other Problems (41)
8:03am:	Don't Blame Facebook For Some Kids Beating Up Another Student (61)
6:46am:	Hulu Telling Sites To Stop Embedding So Much (44)
5:00am:	Once Again, If The Gov't Has Data, It Will Be Abused (42)
2:53am:	As Expected, Social Networking Generation Running For Office Face Their Permanent Record Online (31)
12:55am:	IMAX Sues Cinemark For Building Competing System... While Being An IMAX Customer (14)
Monday
10:26pm:	Filmmaker Allowed To Use The Name Rin Tin Tin To Describe Rin Tin Tin (6)
8:25pm:	Senators Begin Questioning ACTA Secrecy (32)
6:34pm:	Brazil E-Voting Machines Not Hacked... But Van Eck Phreaking Allowed Hacker To Record Votes (15)
5:08pm:	FCC Doesn't Think The Lack Of Competition Is A Major Barrier To Broadband? (36)
3:49pm:	Heads Of Major Movies Studios Claiming They Just Want To Help Poor Indie Films Harmed By Piracy (47)
2:38pm:	USPTO Convinced By Amazon That Online Gift Giving Patent Is Legit (19)
1:31pm:	Tiburon Approves Recording Every Car That Enters/Leaves... Despite More Evidence Of Traffic Camera Abuse In UK (89)
12:18pm:	Label Exec Arrested For Not Using Twitter To Disperse Crowd At Mall To See Singer (53)
11:01am:	Spanish Court Dismisses Complaint From Nintendo Against Counterfiet DS Cartridges, Since They Add Functionality (12)
9:55am:	Dear PR People: If Your Exec Has A Comment, Our Comments Are Open (25)
8:44am:	What Kind Of Mickey Mouse (And Donald Duck) Lawsuits Are These? (23)
7:30am:	Prosecutors Ending Lawsuit Against Lori Drew (13)
6:06am:	Dear Rupert: You Don't Succeed By Making Life More Difficult For Users (70)
4:20am:	ESPN Writer Suspended From Twitter (59)
2:10am:	School Can't Handle Critical Community Message Board; Sends Legal Nastygram (21)
Friday
7:39pm:	Liberian Laws Are A Secret Due To Copyright; Even The Gov't Doesn't Have Them (43)
6:56pm:	Lily Allen: It's Ok To Sell My Counterfeit CDs, Just Don't Give My Music For Free (97)
6:10pm:	EFF Looks To Bust Bogus Podcasting Patent; Needs Prior Art (34)
5:28pm:	Google Blocking Set Top Boxes From Showing YouTube Unless They Pay Up? (65)
4:44pm:	Entertainment Industry: Yes, Please Keep Negotiating Secret Copyright Treaty To Save Our Asses (43)

Quick Links

Current Insight Community Cases

Site Certificates Forged; Internet Security Not So Secure

from the lock-and-key dept

Which Internet Concern Worries You The Most?

Techdirt's Daily Email Newsletter

Tuesday

Monday

Friday

More