edgewedge - Slashdot User

Submission + - Startup Provides Secure Calls For Egypt (forbes.com)

Submitted by Anonymous Coward on Thursday February 10, 2011 @05:12PM

An anonymous reader writes: As the technology used to fuel democracy protests in Egypt continues to evolve, Whisper Systems, the company founded by well-known security researcher Moxie Marlinspike, just released encrypted calling and text messaging applications into Egypt to help keep protesters safe from surveillance.

Submission + - GoogleSharing, Now With No Trust Required

Submitted by Anonymous Coward on Monday October 04, 2010 @04:45PM

An anonymous reader writes: GoogleSharing, the popular Google anonymizing service created by well known privacy advocate and security researcher Moxie Marlinspike, has released a major new version today. The biggest change is leveraging Google's SSL search option to provide an anonymizing service which doesn't require you to trust either Google or GoogleSharing. This means that anyone who wishes to opt out of Google's data collection practices can now do so without having to trust the operator of the anonymizing service.

Submission + - Null-prefix SSL Attacks Now In The Wild

Submitted by Anonymous Coward on Tuesday August 04, 2009 @02:28AM

An anonymous reader writes: Moxie Marlinspike, who recently published new attacks on SSL at Defcon 17, seems to have released the new version of sslsniff which supports these attacks. While the release appears to coincide with a patch from Mozilla, every product that uses the Microsoft CryptoAPI is still vulnerable, including Internet Explorer and Outlook. The new version of sslsniff also supports built-in modes for hijacking software auto-updates that depend on SSL, and apparently includes techniques for defeating OCSP as well — making the elimination of existing null-prefix certificates difficult.

Comment An anarchist resource since 2004? (Score 2, Interesting) 208

by edgewedge on Monday February 23, 2009 @12:28PM (#26958363) Attached to: SSLStrip Now In the Wild

Holy crap, looking at the source to sslstrip, this was written in 2004! I wonder if the anarchist underground hacking scene has had access to this for all that time? Why release it now I wonder?

Submission + - SSLStrip Now In The Wild (thoughtcrime.org)

Submitted by Anonymous Coward on Monday February 23, 2009 @03:02AM

An anonymous reader writes: Moxie Marlinspike, who last week presented his controversial SSL stripping attacks at Black Hat Federal, appears to have released his much-anticipated demonstration tool for performing MITM attacks against would-be SSL connections. This vulnerability has been met with everything from calls for more widespread EV certificate deployment to an even more fervorous push for DNSSEC.

Slashdot Top Deals