So when dealing with the problem of SSL MITM, as Alex Sotirov and Mike Zusman will be speaking on at Black Hat, Verisign’s marketing felt that securing wireless access points would be the solution.
Arooo?
From The Tech Herald:
“The answer is to lock down these other security deficiencies. We can combat malware through a variety of methods like desktop and edge malware detectors, malware crawls available to site operators, and Extended Validation code signing. We can combat rogue hotspots through authentication initiatives such as the one surrounding the emerging WiMAX standard. WiMAX requires full authentication certificates to be available on all hotspots; in a world where consumers only trusted WiMAX hotspots the attack described here wouldn’t be possible. Those are the new frontiers in ensuring a secure online ecosystem,†Callan added.
Alex was good enough to respond to the article in the comment section as follows.
Tim Callan’s suggestion that to prevent SSL MITM attacks we need to first solve the problem of rogue access points is so ridiculous that I can’t even start to explain all the ways in which it’s wrong.
Sotirov from with the three pointer! Nothing but net.
