eldavojohn writes “Two researchers, Dan Kaminsky and Moxie Marlinspike, came up with the exact same way to fake being a popular website with authentication from a certificate authority. Wired has the details: ‘When an attacker who owns his own domain — badguy.com — requests a certificate from the CA, the CA, using contact information from Whois records, sends him an email asking to confirm his ownership of the site. But an attacker can also request a certificate for a subdomain of his site, such as Paypal.com\0.badguy.com, using the null character \0 in the URL. The CA will issue the certificate for a domain like PayPal.com\0.badguy.com because the hacker legitimately owns the root domain badguy.com. Then, due to a flaw found in the way SSL is implemented in many browsers, Firefox and others theoretically can be fooled into reading his certificate as if it were one that came from the authentic PayPal site. Basically when these vulnerable browsers check the domain name contained in the attacker’s certificate, they stop reading any characters that follow the “\0” in the name.’”

Read more of this story at Slashdot.
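The name check described in the quoted Wired passage, as an added example that is not code from the post, from Wired, or from any browser: a C-string comparison that stops at the embedded `\0`, next to a length-aware comparison that rejects it. The struct, the function names and the lowercase sample name are assumptions made for illustration, and hostnames are assumed to be already lowercased.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A certificate name as ASN.1 carries it: raw bytes plus an explicit length. */
struct cert_name {
    const char *data;
    size_t len;
};

/* Constructed sample: the name form from the article, 22 bytes with an embedded NUL. */
static const char SAMPLE[] = "paypal.com\0.badguy.com";
static const struct cert_name SAMPLE_NAME = { SAMPLE, sizeof(SAMPLE) - 1 };

/* Flawed check: treats the name as a C string, so it stops reading at the first NUL. */
int match_cstring(const struct cert_name *cn, const char *host)
{
    return strcmp(cn->data, host) == 0;
}

/* Length-aware check: a name containing NUL never matches, and the
 * full certificate name must be exactly as long as the hostname. */
int match_length_aware(const struct cert_name *cn, const char *host)
{
    size_t host_len = strlen(host);

    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                 /* embedded NUL: treat the name as malformed */
    if (cn->len != host_len)
        return 0;                 /* compare the whole name, not a prefix */
    return memcmp(cn->data, host, host_len) == 0;
}

int main(void)
{
    printf("name length in certificate: %zu bytes\n", SAMPLE_NAME.len);
    printf("C-string check vs paypal.com:     %d\n",
           match_cstring(&SAMPLE_NAME, "paypal.com"));
    printf("length-aware check vs paypal.com: %d\n",
           match_length_aware(&SAMPLE_NAME, "paypal.com"));
    return 0;
}
```

The same test on the issuing side, rejecting any requested name whose byte length differs from its C-string length, would stop such a request before a certificate is issued.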

