System7 » ssl http://www.system7.org Spread the word, information is free. Thu, 29 Jul 2010 14:56:15 +0000 en hourly 1 http://wordpress.org/?v=3.0 Google beta’s SSL for web searches http://www.system7.org/2010/05/24/google-betas-ssl-for-web-searches/ http://www.system7.org/2010/05/24/google-betas-ssl-for-web-searches/#comments Mon, 24 May 2010 16:54:35 +0000 The Gunslinger http://www.system7.org/?p=527 According to this H article, Google is beginning to beta a new feature of providing SSL for their standard web search service. As one commenter noted, Google is still collecting the same information from your searches but this will limit 3rd parties from eavesdropping on your search queries. Remember SSL doesn’t guarantee absolute privacy as there’s Moxie Marlinspike’s work, chance of CA intermediaries, and your employer loading their own trusted CA’s into your corporate devices.

]]> http://www.system7.org/2010/05/24/google-betas-ssl-for-web-searches/feed/ 0 SSL Strip http://www.system7.org/2009/06/13/ssl-strip/ http://www.system7.org/2009/06/13/ssl-strip/#comments Sat, 13 Jun 2009 15:22:09 +0000 The Gunslinger http://www.system7.org/?p=228 There’s a nice tool that will perform SSL man in the middle attacks.  In layman’s terms this means when this tool is run on a gateway it will create a clear text HTTP stream on the network (that you can sniff) when someone creates a HTTPS session.  i.e. Someone logs into Gmail via HTTPS and there will be an HTTP clear text mirror of that session which you can sniff via Wireshark.

Check it out here: www.thoughtcrime.org/software/sslstrip/

]]> http://www.system7.org/2009/06/13/ssl-strip/feed/ 0