Internet Addressing Flaw Fears Extend to E-Mail, Other Online Services

by Tim Stevens, posted Aug 7th 2008 at 9:52AM

Remember that ugly flaw in Internet addressing, or DNS, which was detected and fixed, but not by everyone and not in time? The man behind many of those warnings, security expert Dean Kaminsky, recently gave a presentation at the Black Hat conference in Las Vegas, elaborating on how the flaw not only affects Web pages, which has been most commonly reported on, but also could allow hackers to take over e-mail and FTP addresses, as well as other common online communication protocols.

Kaminsky even indicated that the Secure Socket Layer, or SSL, is also vulnerable. SSL certificates are what results in the "key" being displayed when you're shopping at a secure site, indicating to you that your data is being encrypted and secured as it travels over the wire. Not everyone is so concerned, however. VeriSign, one of the leaders in SSL certificates, is playing down those fears. A representative indicated that the company has known of this flaw for "many years" and has "basically engineered around [it]."

Why the company didn't bother to tell anyone else remains to be seen. Way to be a team player there, VeriSign. [Source: CNN, and BBC News]

Filed under: Computers

Tags: black hat, BlackHat, breaking news, BreakingNews, dns, Internet, security, verisign

Relevant Posts

Hack Attacks Likely Following Internet Addressing Flaw (47 days ago - 0 Comments)
Hackers Increasingly Turning Computers Into 'Zombies' (4 days ago - 1 Comment)
iPhone Security Hole Leaves Your Personal Info Vulnerable (11 days ago - 14 Comments)
Microsoft Adds 'Porn Mode' to Internet Explorer 8 (13 days ago - 17 Comments)
Google's Chrome Browser Vulnerable to Hackers (5 days ago - 1 Comment)

Subscribe to these comments

Reader Comments (Page 1 of 1)

Neutral

dwr50 @ Aug 7th 2008 12:41PM

And with all the internet fraud... it would appear that the crooks have "basically engineered around" VeriSign. lol

Add your comments

New Users

Name

E-mail

Current Users

E-mail:

Password

Remember Me

E-Mail me when someone replies to this comment

Add your comments:

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

Please note that gratuitous links to your site are viewed as spam and may result in removed comments. And yes, comments are moderated.

Japanese hardware sales, Aug. 25 - Aug. 31: Supercollider edition PS Fanboy Week in Review: 8/25 - 9/7 Weekly Webcomic Wrapup slept in	Googleholic for September 7, 2008 5 Sites For Old-School Gaming in Your Browser -Time Waster Teach your old iSight new tricks with Iris
Apple prepares for iPod event, puts up banners GTD: Real-life experience with Things Analysts: Sept. 9 event will underwhelm	Washington Mutual (WM) dumps CEO General Motors, Ford, and Chrysler head to Washington, looking for $50 billion Altria to pay $10.3 billion for maker of Skoal
Far Cry 2 and its map editor release Oct. 23rd Deals: Free MS points with 360 purchase, $15 games and more Free $60 Amazon gift card with Elite 360 purchase	AutoblogGreen for 09.08.08 Leave worried, return in style: Gustav evacuee wins Mustang on the way home Castagna tenderizes the Fiat 500
The best of Big Download: September 1-7 Warhammer Online open beta launches Will Wright not upset by Spore review scores	X-Rays On Marion Barber's Ribs Negative; Likely to Play Next Week Open Letter to Marvin Lewis: Cut the Crap! Your Team Sucks! Admit It! Cowboys Begin Super Bowl Run With Impressive Win Over Cleveland