Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

SPYWARE THREATS

Thou Shall Not Trust the Anti-Fraud Sign

- SSL Certification not guaranteeing security

By: Vlad Constandes, SEO News Editor

Change the way you're thinking about the SSL certification, for it is not that safe, researchers from Netcraft advised. Don’t go rushing ahead and provide all the personal information, for it might get stolen, and other phrases to that
effect. Why’s that? Because the companies assuring that the site is safe for visiting are not God, and because four sites that have been boasting with their Extended Validation SSL certificates have been found to contain malicious code.

The original SSL certificate only indicates that there is a third party that has checked the identity of the site’s owner and an encrypted line of communication with the site has been set up, and nothing more. Should the tools with which the verification has been done be obsolete or miss something, or should the site itself be filled with holes to be exploited by cyber criminals, it will happen.

About a year ago, there was a similar subject floating on the site owner’s lips, who was dutifully worried that the certification was not guaranteeing personal information privacy, but instead instituted a false sense of security, according to Paul Mutton, a researcher with Netcraft Ltd. As a direct result, the enhanced version has been rolled out, only to be faced with the same problems, because if the good guys constantly fight to preserve security, cyber criminals constantly battle the systems and more often than not, they manage to come up with incredibly dangerous countermeasures.

Once again, the need for updated anti-virus software and caution was advised, due to the fact that once a site with the SSL certification, be it extended or not, has been found by the hackers to be vulnerable, the data input by the users is siphoned off outside the encryption provided and visible, Mutton told the Associated Press.

MORE RELATED ARTICLES: FBI Violates Online Privacy for Fourth Year in a Row Sick Email Lottery Scam Mobile Users – Ransomware Trojan Victims Google: The Return of the Grieving Widow Strikes Back Bring the Heavy Guns, Viruses Fight Dirty Data-Leakage in Airport Wireless Networks Spam Galore from Just Six Botnets
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

TAGS: ssl certification internet website security

6th March 2008, 13:36 GMT | Copyright (c) 2008 Softpedia | Contact:
Read by 677 user(s) | Rating: | 5 vote(s) so far | Cast your vote:
Thou Shall Not Trust the Anti-Fraud Sign - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT Thou Shall Not Trust the Anti-Fraud Sign

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive