Tales from the Crypto

         Alun Jones (Security MVP Reconnect) writes about security, cryptography, SSL, PKI, and pretty much anything else that bothers him enough.

Archive for November, 2009

November 18, 2009

My take on the SSL MITM Attacks – part 3 – the FTPS attacks

[Note – for previous parts in this series, see Part 1 and Part 2.] FTP, and FTP over SSL, are my specialist subject, having written one of the first FTP servers for Windows to support FTP over SSL (and the first standalone FTP server for Windows!) Rescorla and others have concentrated on the SSL MITM […]

November 11, 2009

My take on the SSL MitM Attacks – part 2 – clarifications

Since the last post I made on the topic of SSL renegotiation attacks, I’ve had a few questions in email. Let’s see how well I can answer them: Q. Some stories talk about SSL, others about TLS, what’s the difference? A. For trademark reasons, when SSL became an open standard, it had to change its […]

November 9, 2009

My take on the SSL MITM Attacks – part 1 – the HTTPS attack

If you’re in the security world, you’ve probably heard a lot lately about new and deadly flaws in the SSL and TLS protocols – so-called “Man in the Middle” attacks (aka MITM). These aren’t the same as old-style MITM attacks, which relied on the attacker somehow pretending strongly to be the secure site being connected […]

November 7, 2009

Why .NET apps keep crashing on your Tablet PC

I’ve been struggling with this issue for some time. I have a small, simple .NET application I wrote in Visual C# a few months ago – I’ve tentatively titled it “iFetch”, because it fetches radio shows from the BBC iPlayer. It really is very little more than a simple data grid view that displays the […]

November 2, 2009

Why changing passwords should be done regularly

Filed under: General Security,What my wife knows @ 10:59 pm

A little birdie sent me a copy of today’s SANS ISC diary entry. That’s a good thing, because I’m at home sick with alleged piggy flu, and I’m not able to keep up with a whole lot. The diary entry argues that regular changes of passwords are often done for no other reason than “because […]

© 2017 Tales from the Crypto   Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs