![](<a href="http://validator.w3.org/feed/check.cgi?url=http%3A//abucaybambi.blogspot.com/feeds/posts/default"><img src="valid-atom.png" alt="[Valid Atom 1.0]" title="Validate my Atom 1.0 feed" /></a>){kind=small}
I felt extremely mad this morning as I opened my Friendster account. I tried to type my username and password again and again but still it didn't activate. I surely know that I was not mistaken of my account because I even wrote them (username and password) on my notebook. Someone probably hacked my account. I really felt extremely, overly mad.
To thoroughly know what's often the "underground" business of these hackers, I read some articles which talks more about them.
One of the article I've read form The Computer Shopper, May 2009 series on page 11 reveals that a hacker has developed a tool that can steal information by tricking victims into believing they are visiting a secure encrypted website.
When a website displays a padlock in the address bar of the web browser, it indicated that the connection is encrypted, which in turn means that is is secure form eavesdropping criminals. The system is called Secure Sockets Layer (SSL), and it's the only way regular Internet users can be sure that their online transactions are safe.
An independent hacker, going by the name of Moxie Marlinspike, has demonstrated a software tool called SSLstrip, which fooled both the website owner and the visitor into believing that a secure connection exists between then. It displays a green address bar in the browser, along with the security padlock and a secure https web address. In fact, the website is using an unencrypted http web address instead.
"Marlinspike's larger message is one that a lot people have been talking about for a few years now. This SSL thing is not working very well," said Dan Kaminsky, director of penetration testing at security firm IOActive.
There is currently no fix for the problem, but users can reduce the risks by avoiding public wireless services and other Internet connections that may be used by other, unknown parties.
To thoroughly know what's often the "underground" business of these hackers, I read some articles which talks more about them.
One of the article I've read form The Computer Shopper, May 2009 series on page 11 reveals that a hacker has developed a tool that can steal information by tricking victims into believing they are visiting a secure encrypted website.
When a website displays a padlock in the address bar of the web browser, it indicated that the connection is encrypted, which in turn means that is is secure form eavesdropping criminals. The system is called Secure Sockets Layer (SSL), and it's the only way regular Internet users can be sure that their online transactions are safe.
An independent hacker, going by the name of Moxie Marlinspike, has demonstrated a software tool called SSLstrip, which fooled both the website owner and the visitor into believing that a secure connection exists between then. It displays a green address bar in the browser, along with the security padlock and a secure https web address. In fact, the website is using an unencrypted http web address instead.
"Marlinspike's larger message is one that a lot people have been talking about for a few years now. This SSL thing is not working very well," said Dan Kaminsky, director of penetration testing at security firm IOActive.
There is currently no fix for the problem, but users can reduce the risks by avoiding public wireless services and other Internet connections that may be used by other, unknown parties.
No comments:
Post a Comment