SSL Compromised by Hackers and Feds?

It has been known for a while that SSL security, the same security that you use for online banking and online ordering is very susceptible to man-in-the-middle attacks. Moxie Marlinspike has proven for a couple of years now how vulnerable SSL is and keeps updating his SSLStrip program with new features.

Now, according to Wired magazine, the government has spying boxes that allow them to intercept and eavesdrop on SSL communication. So, just following the bunny trail, if government agencies have access to these boxes, what is to say that hackers do not have access to these boxes or something else that does the same thing?

You really need to be careful when ordering or banking online. The biggest threat is someone getting in between your system and your router/switch. If you are on a wireless network, make sure you are using WPA2 encryption, and are using a strong password. If you are on a wired lan, it is a good idea to have the windows firewall running. Do not do any secure communications from public access areas.

These things will help some, but if SSL truly is compromised, they will not help much.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.