Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 9 declined, 1 accepted (10 total, 10.00% accepted)

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Generic TLS MITM attack->

Submitted by
imbaczek
imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an “authentication gap” exists during the renegotiation process at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS."
Link to Original Source
Music

+ - State of Creative Labs->

Submitted by
imbaczek
imbaczek writes "Creative has a long and rich history, the culmination of which was the creation of the SoundBlaster line of sound cards and the associated audio standard, which brought the full spectrum of synthesized and recorded audio to the PC. Although they have since expanded in to many other markets, Creative has and continues to be primarily a sound company, and was the king of sound cards... until recently."
Link to Original Source

If you analyse anything, you destroy it. -- Arthur Miller

Working...