HTTPS SSL encryption is vulnerable

Derrick · Sep 26, 2011

http://mybroadband.co.za/news/quick-news/34690-https-ssl-encryption-vulnerable.html

HTTPS SSL encryption is vulnerable to decryption by hackers..

Bobbin · Sep 26, 2011

Sheesh is there ever not a vulnerability in something online :/ seems even the things you trust can no longer be trusted.

UnUnOctium · Sep 26, 2011

90% of encryption schemes can be cracked by a man-in-the-middle attack. With encryption, the biggest difficulty always has been a secure key exchange. Fact of the matter is, it's highly unlikely that anyone can establish a successfull man-in-the-middle position before any key exchange happens unless the server and/or client is compromised.

Plaasjapie · Sep 26, 2011

UnUnOctium said:
90% of encryption schemes can be cracked by a man-in-the-middle attack. With encryption, the biggest difficulty always has been a secure key exchange. Fact of the matter is, it's highly unlikely that anyone can establish a successfull man-in-the-middle position before any key exchange happens unless the server and/or client is compromised.

what about if the transfer medium is wireless ?

UnUnOctium · Sep 26, 2011

Plaasjapie said:
what about if the transfer medium is wireless ?

Same thing. Man-in-the-middle are based on the fact that medium is compromised, be it wired or wireless.

sn3rd · Sep 30, 2011

One contains code that must be loaded into the victim's web browser and the second one captures and decrypts HTTPS session cookies.

This is old news. Known-plaintext attacks against SSL have been out in the open for years.

And there are easier (and faster and more reliable) ways to compromise a user than this.

Join the MyBroadband community

Get started

HTTPS SSL encryption is vulnerable

Derrick

ლ(ಠ_ಠ )ლ

Bobbin

Honorary Master

UnUnOctium

Expert Member

Plaasjapie

Well-Known Member

UnUnOctium

Expert Member

sn3rd

Expert Member