Posted by in press release | Print | Email Friend |

DeepSec discusses SSL security hole: Anyone can pretend to be a bank

VIENNA, AUSTRIA, November 07, 2009 /24-7PressRelease/ -- When is a website truly secure? Most users are convinced that a website encrypted with Secure Socket Layer (SSL), as used by webshops or banks, is safe. The logic behind it is that nothing can happen because the contents are encrypted. "But unfortunately this may be a fallacy", warns Rene Pfeiffer of the International Security Conference DeepSec (https://deepsec.net/), which will be held from 17 to 20 November in Vienna for the third time, bringing together the world elite from the areas of network security and hacking. Moxie Marlinspike, an expert in encryption systems from the Institute For Disruptive Studies, will be presenting dangerous holes in the encryption with SSL and HTTPS that enable hackers to pass off as any other website. "In the wrong hands, it opens the floodgates to frauds", warns Pfeiffer.

"An error discovered by Moxie Marlinspike in the way these certificates are issued means that you can get a certificate for a website you don't own, such as eBay, PayPal or a bank", Pfeiffer explains. This means that, when a customer wishes to send money from his bank account, for example, you can pretend to be his bank and get his access data. "Naturally, this can lead to massive misuse", Pfeiffer warns. Moreover, by means of a so-called SSL sniff method, encrypted data traffic can be monitored on the Net, which may lead to the disclosure of passwords, credit card data or bank access data without the user being aware of it. The error is so serious that Microsoft felt obliged to release a patch that was delivered a few days ago.

In a two-day workshop on the topic of "Designing Secure Protocols and Intercepting Secure Communication" on 17 and 18 November at DeepSec, Moxie Marlinspike will be analysing the architecture of encryption systems in detail and show ways to avoid such attacks. Security systems must be planned in detail, otherwise you feel safe while you actually aren't. "This information is essential not least for banks and insurance companies, since customers entrust these organisations with considerable shares of their assets", says Pfeiffer. Safety holes in online banking could be used to seriously damage the customers' trust in internet banking.

Being a neutral platform, DeepSec brings together in Vienna the hacker community, IT/security companies, officials and researchers to exchange thoughts and experiences in lectures and workshops. The conference, whose overall motto this year is "Espionage and How to Avert It", also wants to counteract the widespread prejudice that hackers are automatically criminals. "For many of them it's really about identifying safety holes and making them public. Only then can they be closed", according to Pfeiffer.

The complete programme with a summary of the contributions:
https://deepsec.net/schedule

To register for DeepSec go to: https://deepsec.net/register/

DeepSec 2009 the In-Depht Security Conference, November 17-20 in The Imperial Riding School Vienna, Austria.

---
Press release service and press release distribution provided by http://www.24-7pressrelease.com

Published: Saturday 07th of November 2009 04:47:17 AM
Read more Press Release.

Read the last five articles in the PRESS RELEASE category

Read the five most popular articles (by page views) in the PRESS RELEASE category

Sat Nov 21 2009 times rss Home | Espanol | 24/7 Press Releases | Browse Tags | Browse Archive
Today's Hottest Press Releases
  1. Kuoni Launches its New Italy Brochure for 2010
  2. PlayNation Parties and Playgrounds of Morrisville NC Opens New Location for Birthday Parties and Outdoor Wooden Play Sets Near Chapel Hill, Durham, and Raleigh
  3. LandC Survey Shows the Benefits of Arranging Life Insurance Young
  4. 32Red Affiliates Invests in Advanced Technology for Affiliate Partners
  5. Southern California Edison Provides $250,000 Grant to Promote STEM Learning at THINK Together After-School Programs
  6. Supplemental Pregnant Health Insurance Covers Maternity Costs
  7. Court Issues Important Victory for Workers' Comp Claimants
  8. Costa Rica Travel Agency Goes Green
  9. Mediterraneo. The New Collection for Exteriors by Levantina
  10. Kuoni Launches New 2010 World Class Europe and Morocco Brochure

Latest News Stories

  1. PlayNation Parties and Playgrounds of Morrisville NC Opens New Location for Birthday Parties and Outdoor Wooden Play Sets Near Chapel Hill, Durham, and Raleigh
  2. Costa Rica Travel Agency Goes Green
  3. Court Issues Important Victory for Workers' Comp Claimants
  4. Immigration Reform Needed to Meet Nursing Shortage Needs
  5. Distraction at 37,000 Feet - Lessons for the Road
  6. This Holiday Season, Ross-Simons Makes Every Jewelry Wish Come True
  7. Patricia Gracia: Crossing the Border Line of Tijuana, Mexico to the US American Dream
  8. Supplemental Pregnant Health Insurance Covers Maternity Costs
  9. Calling a Piano Mover Would Have Saved $75K
  10. New Home Shoppers Are Finding Great Reasons to Buy With Pardee Homes in Company's Los Angeles/Ventura Area Master-Planned Communities of Fair Oaks Ranch and Moorpark Highlands
  11. Southern California Edison Provides $250,000 Grant to Promote STEM Learning at THINK Together After-School Programs
Times of the Internet - Copyright 2007-2009 Privacy Policy | Browse

129,047 English news articles viewed 19,016,225 times. 68,930 Spanish articles viewed 6,579,770 times. 7,602 Press Releases viewed 573,559 times. Totals: 205,579 articles. 26,169,554 views.

Times of The Internet has been online for 926 Day(s), 18 Hour(s), 39 Minute(s), and 3 second(s)

Page generated: 0.876

This website brought to you by:

Privacy | Terms | Contact