Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Man-In-the-Middle Vulnerability For SSL and TLS 170

imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an 'authentication gap' exists during the renegotiation process, at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS."

Comment Re:Stupid license. No thanks. (Score 1) 419

The prohibition has no effect on being able to verify the claim. If you were allowed to disassemble, what would you expect to get out of that? Assembly. You will always get assembly from a disassembler so doing that neither proves nor disproves anything. You would need the original assembly source to compare against. And if you had that, you may as well simply examine it to see that it is all assembly and assemble it to verify that it works.

Having the 32 bit sources available is enough for me to believe their claims about the 64 bit sources also being entirely assembly. Their decision to license 64 bit differently from 32 is a different question altogether though.

Comment Re:Depressing, but not uncommon (Score 1) 1251

100 is the average of the population as a whole. But if you consider any subset of that population, ie. university/college graduates, the average of that subset may be significantly different from the average of the entire population.

That said, I find the claim that US college grads have an average IQ of 95 to be very unlikely. That would be saying that college grads are less intelligent than the general population.


Submission + - Canadian Class-action Cellphone Suit Is Approved ( 2

BeanBunny writes: A Saskatchewan, Canada court has ruled that a $12 billion class-action suit can proceed. The suit alleges that "system access fees" that the cellphone companies have charged ($7-9 per month) are unfair and constitute price gouging. From the article: "It is described as the largest class-action in Canadian history, potentially affecting every cellphone user in the country. Currently, there are 7,500 complainants signed onto the suit."

Slashdot Top Deals

Surprise due today. Also the rent.