SSL Compromised

[nomaad]

Two security researchers have found a way of breaking the SSL/TLS encryption that allows the information that passes from browser/user to server and back be reliable and, above all, private.

Thai Duong and Juliano Rizzo are scheduled to demonstrate their BEAST (Browser Exploit Against SSL/TLS) at the Ekoparty security conference of Friday, but information about it was released previously and has created quite a stir in the security community, still rattled by the recent demonstration of fallibility of the CA trust system....

read the rest at:

http://www.net-security.org/secworld.php?id=11664

 

[Duplicate]

Nice.

 

[Grendelkhan]

Yup. I believe that this is talking about 128 bit encryption. The 128 bit has been hacked before but never really talked about. Back in the days of Direct TV they were working very hard on breaking the latest 128 bit H cards. They had the crack done but the feds came in and arrested everyone who was working on them. We will have to move up to the next level of encryption which will be 256 bit. Understand now that the government doesn't like it when web sites use 256 bit or higher because they like being able to crack those web sites in a timely manner. You think for a second that those secured e-mail sites don't have a backdoor or the pgp key for the government your crazy. Hell the companies themselves may or may not even know about these backdoors but they are in place.