public internet security
lsof at nodata.co.uk
Mon May 7 05:55:58 UTC 2007
Am Sonntag, den 06.05.2007, 22:43 +0100 schrieb Andy:
> On 06/05/07, nodata <lsof at nodata.co.uk> wrote:
> > For this example's simplicity, the HTTP www.chase.com site has been
> > modified by a transparent proxy to change the logon page link from the
> > real internet banking app to a malicious internet banking app.
> > You are taken to an HTTPS site called
> > https://somethingelse.example.com
> > This site has a valid SSL certificate, and so you received no warnings.
> Surely you would check the certificate in your browser to confirm:
> 1. It's issued by a reputable C.A.
> 2. It was the same C.A. it was last time
> 3. That the URL in the certificate is that of your bank
> 4. That the Organisation field has your banks name
> First they ignore you
> then they laugh at you
> then they fight you
> then you win.
> - Mohandas Gandhi
More information about the ubuntu-users