[145183] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Law Enforcement Appliance Subverts SSL

daemon@ATHENA.MIT.EDU (Rui Paulo)
Thu Mar 25 08:45:39 2010

From: Rui Paulo <rpaulo@gmail.com>
Date: Wed, 24 Mar 2010 19:14:55 +0000
To: cryptography@metzdowd.com

http://www.wired.com/threatlevel/2010/03/packet-forensics/

"At a recent wiretapping convention however, security researcher Chris =
Soghoian discovered that a small company was marketing internet spying =
boxes to the feds designed to intercept those communications, without =
breaking the encryption, by using forged security certificates, instead =
of the real ones that websites use to verify secure connections. To use =
the appliance, the government would need to acquire a forged certificate =
 from any one of more than 100 trusted Certificate Authorities."

--
Rui Paulo

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145183] in cryptography@c2.net mail archive

Law Enforcement Appliance Subverts SSL

daemon@ATHENA.MIT.EDU (Rui Paulo)Thu Mar 25 08:45:39 2010

daemon@ATHENA.MIT.EDU (Rui Paulo)
Thu Mar 25 08:45:39 2010