Bitcoin Forum
December 08, 2016, 06:34:12 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: SSL 1.0 broken  (Read 1227 times)
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
September 20, 2011, 09:54:00 AM
 #1

http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

Researchers claim to have a found a way to decrypt SSL traffic, needing about 10 minutes to crack the encryption. The article doesn't go into much detail on what is required for the attack to work, and it's just one post on the register... Still, careful out there.

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
1481222052
Hero Member
*
Offline Offline

Posts: 1481222052

View Profile Personal Message (Offline)

Ignore
1481222052
Reply with quote  #2

1481222052
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Xenland
Legendary
*
Offline Offline

Activity: 980


I'm not just any shaman, I'm a Sha256man


View Profile
September 20, 2011, 09:58:05 AM
 #2

Looks like it requires some JavaScript exploitation in order for this exploit to work, none the less if your not a white-hat expert your pretty vulnerable to these kind of things
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
September 20, 2011, 10:05:41 AM
 #3

Yep, it's a man-in-the-middle from what I can tell. So if you're on a trusted net connection and careful with your browsing, your risk should be fairly low. Public wifi etc. on the other hand...

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
September 20, 2011, 10:56:23 AM
 #4

It's TLS 1.0 that's broken, not SSL 1.0 ...

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
September 20, 2011, 12:11:24 PM
 #5

It's TLS 1.0 that's broken, not SSL 1.0 ...


Thank you, was wondering when someone who actually bothers to read would point that out to people. ;p

With that in mind are there any browsers about that support TSL 1.1 and/or 1.2?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
bitterness
Newbie
*
Offline Offline

Activity: 18


View Profile
September 20, 2011, 03:50:36 PM
 #6

It's TLS 1.0 that's broken, not SSL 1.0 ...

Well, SSL 1.0 was broken a long time ago, never use it.


With that in mind are there any browsers about that support TSL 1.1 and/or 1.2?

Yes Opera supports it very well. But this doesnt help you with IIS being the only common used web server with at least wacky and hidden support for it. So basically on the server side coverage tends to be zero.

Of course this may change now.
cronopio
Jr. Member
*
Offline Offline

Activity: 59


View Profile
September 20, 2011, 07:29:15 PM
 #7

Stay tuned this Friday's release

http://www.h-online.com/security/news/item/Tool-cracks-SSL-cookies-in-just-ten-minutes-1346387.html

12FKPNwQUS6Em7Ar6wc1GnzpU4NWBKhTAK

WARNING! This game its so addictive
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!