An anonymous reader writes "Nine weeks after Moxie Marlinspike presented at Defcon 17, null-prefix certificates that exploit the SSL certificate vulnerability are beginning to appear. Yesterday, someone posted a null-prefix certificate for www.paypal.com on the full-disclosure mailing list. In conjunction with sslsniff, this certificate can be used to intercept communication to PayPal from all clients using the Windows Crypto API, for which a patch is still not available. This includes IE, Chrome, and Safari on Windows. What's worse, because of the OCSP attack that Moxie also presented at Defcon, this certificate cannot be revoked."
Read more of this story at Slashdot.
delicious
digg
google
technorati
Alain Silberstein's replica watches Krono Bauhaus replica watches 2 Diamonds is a watch model that crafted with a stainless steel case polished with 438 diamonds! Each diamond is replica watches VVS - Top replica watches Weselton and of the toppest quality. The Krono Bahaus 2 comes together with an automatic calendar and this model, actually, is a limited edition because Alain only created 999 replica handbags of these pieces replica handbags. Each one has 10 bars of water resistance and anti glare crystal. If you are looking for some luxury timepieces that can add up your personal elegant taste and flourish your image Louis Vuitton in the eyes Louis Vuitton of other people around you, this watch model can be your just choice and surely it can offer you a big smile when you take such a wonderful piece ugg boots on your ugg boots wrist.