PKI - Breaking the Yellow Lock

Threat level definition

PKI - Breaking the Yellow Lock
Richard Forno, 2002-02-13

PKI provides Web users with a false sense of security that undermines the security of their on-line information.

Expand all | Post comment

PKI - Breaking the Yellow Lock 2002-02-13
Anonymous (1 replies)

PKI - Breaking the Yellow Lock 2002-02-22
Anonymous

PKI - Breaking the Yellow Lock 2002-02-14
Sjonnie (1 replies)

PKI - Breaking the Yellow Lock 2002-02-15
Anonymous (1 replies)

Man-in-the-Middle 2002-02-17
Anonymous

This is news... how? 2002-02-15
TheReject (2 replies)

This is news... how? 2002-02-15
Rick Forno (1 replies)

This is news... how? 2002-02-27
Anonymous

This is news... how? 2002-02-19
Chroma Key (1 replies)

This is news... how? 2002-02-20
Anonymous (1 replies)

This is news... how? 2002-02-22
J. Rogers

PKI - Breaking the Yellow Lock 2002-02-17
Anonymous

PKI - Breaking the Yellow Lock 2002-02-17
Exothermic Reaction (2 replies)

PKI - Breaking the Yellow Lock 2002-02-20
Oh, Please (1 replies)

PKI - What has it to do with yellow locks anyway? 2002-03-09
Mark

PKI - Breaking the Yellow Lock 2002-02-20
Anonymous

PKI - Breaking the Yellow Lock 2002-02-18
Anonymous

PKI - Breaking the Yellow Lock 2002-02-18
Anonymous

PKI - Breaking the Yellow Lock 2002-02-19
A concerned person

PKI - Breaking the Yellow Lock 2002-02-19
A concerned person (1 replies)

PKI - Breaking the Yellow Lock 2002-02-20
WillieWang

PKI - Breaking the Yellow Lock 2002-02-20
emts@telstra.com (1 replies)

PKI - Breaking the Yellow Lock 2002-02-23
Anonymous

PKI - Breaking the Yellow Lock 2002-02-21
Anonymous (1 replies)

PKI - Breaking the Yellow Lock 2002-02-22
Anonymous

To the Author 2002-02-27
Anonymous (1 replies)

To the Author 2002-03-02
Anonymous (1 replies)

I only refer to Bruce Schneiers "Secret and Lies". There Bruce said security is a process and not a product. How true how true......

Any encryption no matter if weak or strong is useless if the backend stores the data plain text. I am not concerned about the data transmission itself.... it is the storage and the handling of data that needs to be secured. How easy it is to intercept SSL traffic shows ettercap, a nice Man in the middle attack. Also people aren't carefull enough. If this nice window with the certificat information pops up and asks if you want to accept the cert people just click yes. Only a few people actually verify the certificate.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/60/10744#10744

To the Author 2002-03-04
Anonymous

Problem with Applications Not with Certification Authorities 2002-03-05
Lalit Bhangale

PKI - Breaking the Yellow Lock 2002-03-06
Milind Gokhale

Privacy Statement
Copyright 2009, SecurityFocus