Author Topic: Security certificates gone wrong  (Read 25 times)

0 Members and 1 Guest are viewing this topic.

Offline Scarlett

  • Updates Moderator
  • *
  • Posts: 22996
Security certificates gone wrong
« Reply #1 on: April 25, 2017, 11:16:08 PM »
Security certificates gone wrong
25 April 2017, 8:50 pm



Security certificates are designed to authenticate hosts. Browsers have become pretty good about understanding chains of authorities, and making users accept the risk when websites can’t prove the chain of authorities needed to verify they are who they say they are.

Sites masquerading as legitimate sites, however, employ sad little tricks, such as “punycode”—URL links embedded in otherwise official-looking phishing emails. These tricks are malicious. There are also sites that should be well-administrated but are not.

Then there are sites, important sites, that botch their own security with certificates ostensibly granted by places such as the U.S. Department of Homeland Security (DHS).

To read this article in full or to leave a comment, please click here



Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks