At The Economist
, Glenn Fleishman writes about a fundamental flaw in the industry standard security system for websites, SSL, familiar to all of us as the little lock icon that appears for 'secure' websites. Recently, a cracker was able to issue himself security certificates for domains at Skype and elsewhere, making clear the problem of assigning trust to certificating authorities just because
The secure web infrastructure was designed in part to defend against this. The browser may be tricked into connecting to a server designed to extract your identity or intercept communications, but the browser will see the wolf under the sheep's clothing. It will alert the user and hinder him from connecting to a server that lacks a certificate, issued by some CA, for the domain it claims to be representing. But if a valid certificate can be obtained, neither the user nor the browser have any idea that they have been hijacked.
A big part of the problem seems to be the willingness of browser- and OS-makers to turn a blind eye to sleazy CAs.
The web's trust issues
Tony Fadell is best known “one of the fathers of the iPod” at Apple, and as the former CEO of Nest. We’ve agreed to forget that he led the Google Glass division for a while, too. Today, news broke that the serial inventor and investor is now working with companies including Samsung Electronics and Foxconn’s […]
The Wall Street Journal is reporting that millennials have learned how to get free TV with a simple antenna, for a one-time cost of about $20. Us old-schoolers have known of this ancient wisdom since, well, forever but have neglected to pass down to the young’uns. But the crazy thing is that it’s not just […]
The fine folks at Techquickie put together a quick overview that takes the mystery out of the dizzying array of audio file formats, including when to use what and brief histories of the most common types.
The Pry.Me Bottle Opener holds tens of thousands of times its own weight, and you can pick one up now from the Boing Boing Store.This remarkable keychain is considerably smaller than any of your keys, but don’t let that fool you: it can easily open any bottle, and could even tow a trailer full of […]
Guaranteeing your privacy online goes way beyond checking the “Do Not Track” option in your browser’s settings. To ensure that your internet activity is totally hidden from Internet Service Providers, advertisers, and other prying eyes, take a look at Windscribe’s VPN protection. It usually costs $7.50 per month, but you can get a 3-year subscription […]
This project management bundle will help you get organized and learn how to lead a team to success. You can pay what you want for these five courses when you pick them up from the Boing Boing Store.To help you become an invaluable asset for your company, this bundle includes a curated collection of professional […]