At The Economist, Glenn Fleishman writes about a fundamental flaw in the industry standard security system for websites, SSL, familiar to all of us as the little lock icon that appears for 'secure' websites. Recently, a cracker was able to issue himself security certificates for domains at Skype and elsewhere, making clear the problem of assigning trust to certificate authorities just because.
The secure web infrastructure was designed in part to defend against this. The browser may be tricked into connecting to a server designed to extract your identity or intercept communications, but the browser will see the wolf under the sheep's clothing. It will alert the user and hinder him from connecting to a server that lacks a certificate, issued by some CA, for the domain it claims to be representing. But if a valid certificate can be obtained, neither the user nor the browser has any idea that they have been hijacked.
A big part of the problem seems to be the willingness of browser- and OS-makers to turn a blind eye to sleazy CAs.
The web's trust issues [The Economist]