September 30th, 2009, 09:01 PM
I'm speaking at SecTor (www.sector.ca) in Toronto next week and I'm trying to collect some data on perceptions of SSL from various target groups.
I figured I'd post an additional survey here -- http://www.surveymonkey.com/s.aspx?s...ShsDD1NA_3d_3d
The data will eventually be released on SSLFail.com following the conference.
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
October 1st, 2009, 02:42 PM
SSL has been a sore subject in my organization. We had a pentest done before I was hired, and the pentesters had used a bot which was emailed to a user, who was tricked into installing it. Once installed, it communicated over SSL using a self-signed certificate. The answer to fix that was to block access to ALL SSL sites and to permit only those that had been inspected by IT.
As you can imagine, this caused a huge amount of overhead on the network admins as they had to check out every SSL site. All the while, there was no proxy/content inspection for normal HTTP sites and all that traffic was allowed through.
When I saw this was happening, I was amazed that this was their answer. To me, it was just a waste of time. As it turned out, they were using a SonicWall firewall which has SSL control, which allows you to block untrusted CAs, weak SSL ciphers, self-signed certs, etc. Then just whitelist their domain if they are OK to use. I set up this feature and implemented a Bluecoat SG Proxy with SSL inspection.
There are several other layers that I've implemented but they have to do with antivirus/firewall and local access, so they are not relevant to this discussion.
is a Firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
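The policy described in the post above (block untrusted CAs, weak ciphers and self-signed certificates, then whitelist reviewed domains) written out as an added example; it is not part of the original thread and not SonicWall's implementation. The record fields, trust store, whitelist entries and weak-cipher markers are assumptions, and the sample sessions are constructed.

```python
import re

# Assumed markers of weak suites in OpenSSL-style cipher names.
WEAK_CIPHER = re.compile(r"NULL|EXP|RC4|DES|MD5")
WEAK_PROTOCOLS = {"SSLv2", "SSLv3"}
TRUSTED_ISSUERS = {"Example Public CA"}   # hypothetical trust store
WHITELIST = {"partner.example"}           # hypothetical domains reviewed by IT


def whitelisted(sni):
    """Match the domain itself or a true subdomain, never a bare string suffix."""
    host = sni.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in WHITELIST)


def evaluate(session):
    """Return (verdict, reasons) for one outbound SSL session record."""
    reasons = []
    # Simplification: subject == issuer stands in for a real self-signature check.
    if session["subject"] == session["issuer"]:
        reasons.append("self-signed")
    elif session["issuer"] not in TRUSTED_ISSUERS:
        reasons.append("untrusted-ca")
    if session["protocol"] in WEAK_PROTOCOLS:
        reasons.append("weak-protocol")
    if WEAK_CIPHER.search(session["cipher"]):
        reasons.append("weak-cipher")
    if not reasons:
        return "allow", []
    if whitelisted(session["sni"]):
        return "allow-by-exception", reasons   # keep the reasons for later review
    return "block", reasons


# Constructed sample sessions (not real traffic).
SESSIONS = [
    {"sni": "www.example.org", "subject": "www.example.org",
     "issuer": "Example Public CA", "protocol": "TLSv1", "cipher": "AES128-SHA"},
    {"sni": "updates.example.net", "subject": "updates.example.net",
     "issuer": "updates.example.net", "protocol": "TLSv1", "cipher": "AES128-SHA"},
    {"sni": "portal.partner.example", "subject": "portal.partner.example",
     "issuer": "portal.partner.example", "protocol": "TLSv1", "cipher": "RC4-MD5"},
    {"sni": "notpartner.example", "subject": "notpartner.example",
     "issuer": "notpartner.example", "protocol": "TLSv1", "cipher": "AES128-SHA"},
]

if __name__ == "__main__":
    for s in SESSIONS:
        print(s["sni"], *evaluate(s))
```

The last sample shows why the whitelist match has to respect the dot boundary: `notpartner.example` ends with the whitelisted string but is a different domain, so it stays blocked.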