Snafu highlights wider trust problem
By John Leyden
29th December 2008
Security researchers have uncovered weaknesses in low-assurance digital certificates that create a means for miscreants to mount more convincing man-in-the-middle (MITM) attacks.
MITMs involve a hacker planting himself between two parties in a dialogue, relaying messages between them and effectively controlling the conversation. The approach might be used, for example, to trick a user into handing over online banking login credentials in the mistaken belief that they are talking directly to a financial institution.
Normally untrusted certificates from an unknown issuer are used by fraudster sites in these kind of scenarios. This would generate error messages or warnings that flag up possible problems, at least to the more internet-savvy.
This one tip will help you sleep better tonight
A few seconds are all you need to get a better night's rest.