It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Hackers Expose Weakness In Visiting Trusted Sites
page: 11
share:
Hackers Expose Weakness In Visiting Trusted Sites
www.ksat.com
(visit the link for the full news article)
LAS VEGAS -- A powerful new type of Internet attack works like a telephone tap, but it operates between computers and Web sites they trust.
Hackers at the Black Hat and DefCon security conferences have revealed a serious flaw in the way Web browsers weed out untrustworthy sites and block anybody from seeing them. If a criminal infiltrates a network, he can set up a secret eavesdropping post and capture credit card numbers, passwords and other sensitive data flowing between computers on that net
Well folks, I really don't know what to tell you on this one. I know a lot of folks have learned to check for the padlock icon on the bottom of the
browser and make sure the sight says HTTPS.
Mozilla says the problem for them was fixed with the latest version of their browser, but M$ is still trying to figure it out for theirs.
If you, by chance (and despite warnings) use your PC for any type of sensitive transactions, I'd probably chill out on that for a little while.
I didn't find anything about this being tied to just Windoze, but that would really be my assumption. Regardless, if you still have money IN the bank, do your business in person for a little while, unless you have made sure you are up to date on the browser you are using.
I also didn't find that it was affecting Chrome, or Opera.
I'm sure we would all welcome opinions of experts as to a safe , usable alternative to IE. (keeping in mind that Linux, although probably the base for the BEST alternative to Windoze problems is out of reach for many due to technical considerations.)
www.ksat.com
(visit the link for the full news article)
Mozilla says the problem for them was fixed with the latest version of their browser, but M$ is still trying to figure it out for theirs.
If you, by chance (and despite warnings) use your PC for any type of sensitive transactions, I'd probably chill out on that for a little while.
I didn't find anything about this being tied to just Windoze, but that would really be my assumption. Regardless, if you still have money IN the bank, do your business in person for a little while, unless you have made sure you are up to date on the browser you are using.
I also didn't find that it was affecting Chrome, or Opera.
I'm sure we would all welcome opinions of experts as to a safe , usable alternative to IE. (keeping in mind that Linux, although probably the base for the BEST alternative to Windoze problems is out of reach for many due to technical considerations.)
www.ksat.com
(visit the link for the full news article)
Sorry guys. Do what you must. Mods: do with this what you will.
Posted Via ATS Mobile: m.abovetopsecret.com
One thread can exist in Breaking News while another can exist in the proper forum.
This thread is in breaking News, the other is in Global Meltdown.
No harm no foul.
This thread is in breaking News, the other is in Global Meltdown.
No harm no foul.
reply to post by KSPigpen
Feel free to carry on, best part of that thread was contained in the following:
Feel free to carry on, best part of that thread was contained in the following:
Originally posted by HunkaHunka
In the following picture, I just scribbled out, you have Amazon.com (or any other web site) on the right.
Down on the left we have a starbucks (or other wifi enabled location). In this scenario, the bad guy is on the same wireless segment (He doesn't have to be). Also in the picture below, the bad guy has managed to become the victims gateway through a poisoned arp cache technique or some other mechanism. He then intercepts the communications between the victim and amazon.com
Now, using The Middler, a different tool being released this weekend, you could simply inject an iframe on the first non-ssl connection.
But using this new technique Kaminsky is talking about, you can also simply mod the server certificate of a WELL KNOWN SITE and present it to the client without it realizing the difference.
[atsimg]http://files.abovetopsecret.com/files/d895e9857cb53aa7.png[/atsimg]
new topics
-
whistleblower Captain Bill Uhouse on the Kingman UFO recovery
Aliens and UFOs: 3 hours ago -
1980s Arcade
General Chit Chat: 6 hours ago -
Deadpool and Wolverine
Movies: 6 hours ago -
Teenager makes chess history becoming the youngest challenger for the world championship crown
Other Current Events: 7 hours ago -
CIA botched its handling of sexual assault allegations, House intel report says
Breaking Alternative News: 8 hours ago -
Lawsuit Seeks to ‘Ban the Jab’ in Florida
Diseases and Pandemics: 11 hours ago
top topics
-
Lawsuit Seeks to ‘Ban the Jab’ in Florida
Diseases and Pandemics: 11 hours ago, 20 flags -
Starburst galaxy M82 - Webb Vs Hubble
Space Exploration: 13 hours ago, 12 flags -
The Superstition of Full Moons Filling Hospitals Turns Out To Be True!
Medical Issues & Conspiracies: 15 hours ago, 8 flags -
CIA botched its handling of sexual assault allegations, House intel report says
Breaking Alternative News: 8 hours ago, 8 flags -
whistleblower Captain Bill Uhouse on the Kingman UFO recovery
Aliens and UFOs: 3 hours ago, 6 flags -
15 Unhealthiest Sodas On The Market
Health & Wellness: 13 hours ago, 5 flags -
Teenager makes chess history becoming the youngest challenger for the world championship crown
Other Current Events: 7 hours ago, 3 flags -
Deadpool and Wolverine
Movies: 6 hours ago, 3 flags -
1980s Arcade
General Chit Chat: 6 hours ago, 3 flags
1