Saturday, November 7, 2009

Full Disclosure RULEZ!

"An unusual cloak-and-dagger operation being run by internet security experts has been exposed this week, after details of a flaw in the SSL protocol were made public.

"The problem with the Secure Sockets Layer standard that keeps e-commerce websites, mail servers and more safe from attack was first discovered in August by a phone-security firm called PhoneFactor.

"That company immediately set to work with the Industry Consortium for Advancement of Security on the Internet (ICASI) to fix the issue in secret so as not to alert hackers.

"However, an engineer working independent of ICASI found the flaw by himself this week and posted the details online in an effort to find a solution.

"Naturally, the buzz about SSL potentially failing spread like wildfire, prompting ICASI and PhoneFactor to go public immediately."

More at

No comments: