Tuesday, January 17, 2006

sid in print

My 5081 words of fame:
Graduate discovers Internet weakness (via IDS News)


Anonymous said...

Very cool - Congratulations!

Just curious, where does the vulnerability lurk? Something in the certificate handling, or the instalation of an unknown plugin? Somewhere else?

Sid Stamm said...

Actually it has to do with users being willing to accept certificates no matter who issues them. The trust for the website comes from "oh, my friend thought it was fine" and not from being a universally trusted source.