| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Sep 2011 02:03:33 -0300 From: Fosforo <fosforo@...il.com> To: noloader@...il.com Cc: full-disclosure@...ts.grok.org.uk, Valdis.Kletnieks@...edu Subject: Re: [OT] Security in general using HTTPS thnx man -- []s Fosforo ------------------------------------------------------------- Bcz sex is like hacking.. you get in, you get out, and you hope you didn't leave something behind that can be traced back to you.. ------------------------------------------------------------- http://insanenetworks.blogspot.com ------------------------------------------------------------- On 22 September 2011 19:12, Jeffrey Walton <noloader@...il.com> wrote: > On Thu, Sep 22, 2011 at 5:31 PM, <Valdis.Kletnieks@...edu> wrote: >> On Thu, 22 Sep 2011 18:01:10 -0300, Fosforo said: >>> Maybe not related to full disclosure in general, but anybody knows if there is a >>> way to track/identify the certificate authorities which "sold" these kind of >>> black boxes that changes HTTPS certificates on-the-fly, tracking users >>> without notice ? >> >> See the EFF's 'SSL Observatory' project that just got some press exposure yesterday: >> >> https://www.infoworld.com/t/encryption/eff-builds-system-warn-certificate-breaches-173602 >> https://www.eff.org/https-everywhere > They are discussing ways to broaden monitoring, reporting and > validation on randombits mailing list now. > > jeff > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists