Sign up FAST! Login

NSA disguised itself as Google to spy, say reports | Politics and Law - CNET News


Stashed in: security, ok, government. whatever.

To save this post, select a stash from drop-down menu or type in a new one:

If you look at your browser's certificate authority store, there's well over a hundred trusted root certificates.  Once a user has one, it's all over.  Encryptanet (and Paycloud) was all about installing a trusted certificate to do a man in the middle benign attack that reduced friction to content for fun and profit.  I think these sorts of CA compromises were well known by 2003, so it's funny how far we've come in 10 years.  

had not read this. thanks for sharing

You May Also Like: