LXer: Thought Komodia/Superfish Bug Was Really, Really Bad? It's Much, Much Worse!
by LXer from LinuxQuestions.org on (#3RZS)
Published at LXer:
But it gets worse. Filippo Valsorda has shown that you didn't even need to crack Komodia's weak password to launch a man-in-the-middle attack, but its SSL validation is broken, such that even if Komodia's proxy client sees an invalid certificate, it just makes it valid. Seriously.
Read More...
But it gets worse. Filippo Valsorda has shown that you didn't even need to crack Komodia's weak password to launch a man-in-the-middle attack, but its SSL validation is broken, such that even if Komodia's proxy client sees an invalid certificate, it just makes it valid. Seriously.
Read More...