At The Economist, Glenn Fleishman writes about a fundamental flaw in the industry standard security system for websites, SSL, familiar to all of us as the little lock icon that appears for 'secure' websites. Recently, a cracker was able to issue himself security certificates for domains at Skype and elsewhere, making clear the problem of assigning trust to certificating authorities just because.
The secure web infrastructure was designed in part to defend against this. The browser may be tricked into connecting to a server designed to extract your identity or intercept communications, but the browser will see the wolf under the sheep's clothing. It will alert the user and hinder him from connecting to a server that lacks a certificate, issued by some CA, for the domain it claims to be representing. But if a valid certificate can be obtained, neither the user nor the browser have any idea that they have been hijacked.
A big part of the problem seems to be the willingness of browser- and OS-makers to turn a blind eye to sleazy CAs.
The web's trust issues [The Economist]
As U.S. headlines bombard us with proof of how low humanity can go, here’s a look at a happy, peaceful, and prosperous country — The Netherlands — to remind us that it is actually possible for the human race to get it right. If people want to change present circumstances through liberal ideals, it’s helpful to look […]
Steven “Hackers” Levy has a long view of Trump: as radical as he is, he’s only a drop in the bucket compared to the political and social changes wrought by technology: “Who was king during the industrial revolution in England? The quirks and flaws of government leaders are not relevant information when studying the enlightenment. […]
Researchers at the Swiss Federal Institute of Technology in Lausanne have developed a neuroprosthetic interface that creates a wireless link between the brain and the spine. In a recent experiment, they used it to enable a paralyzed monkey to walk. Via Healthglu: The brain-spine interface overcomes a damaged connection by bridging the spinal cord injury […]
Loot Crate is a totally different kind of subscription service that mails subscribers monthly boxes filled with curated geek, pop culture, and gamer paraphernalia. Its cult following awaits a box every month filled with everything from bobble heads to T-shirts to special edition collectibles. But nothing gets Loot Crate fans as excited as the limited […]
The ARMOR-X Mini Flexible Phone Tripod is a smartphone tripod that is designed with flexible legs to rest on virtually any type of surface. Other tripods have proved useless unless I conveniently have a flat surface in front of me, which is why this particular tripod was appealing enough to try out. The ARMOR-X is compact and easy […]
You don’t need to get an advanced degree and take out massive loans to become a coder. This bundle of 10 courses was designed to teach anyone to code at home for less than it costs to go out for dinner. I was particularly impressed with this new 2017 bundle because it includes courses on […]