Forgot your password?
typodupeerror

Submission Summary: 0 pending, 3 declined, 0 accepted (3 total, 0.00% accepted)

Security

+ - RSA signatures can be forged, breaking SSL/HTTPS

Submitted by
Thomas Ptacek
Thomas Ptacek writes "An attack on RSA signatures has been disclosed which can fool SSL implementations (including mainstream web browser and servers) into accepting bogus certificates. OpenSSL has been confirmed vulnerable and has posted an advisory, citing a team from Google Security that has successfully exploited the attack and provided patches."

"If it ain't broke, don't fix it." - Bert Lantz

Working...