SSL Compromised by Hackers and Feds?

It has been known for a while that SSL security, the same security that you use for online banking and online ordering is very susceptible to man-in-the-middle attacks. Moxie Marlinspike has proven for a couple of years now how vulnerable SSL is and keeps updating his SSLStrip program with new features.

Now, according to Wired magazine, the government has spying boxes that allow them to intercept and eavesdrop on SSL communication. So, just following the bunny trail, if government agencies have access to these boxes, what is to say that hackers do not have access to these boxes or something else that does the same thing?

You really need to be careful when ordering or banking online. The biggest threat is someone getting in between your system and your router/switch. If you are on a wireless network, make sure you are using WPA2 encryption, and are using a strong password. If you are on a wired lan, it is a good idea to have the windows firewall running. Do not do any secure communications from public access areas.

These things will help some, but if SSL truly is compromised, they will not help much.

~ by D. Dieterle on March 30, 2010.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: