Via Net Security – Researchers find, analyze forged SSL certs in the wild
Analyzing Forged SSL Certificates in the Wild by Researchers from Carnegie Mellon University and Facebook: Lin-Shung Huang, Alex Ricey, Erling Ellingseny, Collin Jackson: “The SSL man-in-the-middle attack uses forged SSL certificates to intercept encrypted connections between clients and servers. However, due to a lack of reliable indicators, it is still unclear how commonplace these attacks occur in the wild. In this work, we have designed and implemented a method to detect the occurrence of SSL man-in-the-middle attack on a top global website, Facebook. Over 3 million real-world SSL connections to this website were analyzed. Our results indicate that 0.2% of the SSL connections analyzed were tampered with forged SSL certificates, most of them related to antivirus software and corporate-scale content filters. We have also identified some SSL connections intercepted by malware. Limitations of the method and possible defenses to such attacks are also discussed.”
Sorry, comments are closed for this post.