Security Now 243

From The Official TWiT Wiki
Jump to: navigation, search
Security Now
Episode 243

Security Now 243: Subverted SSL

News & Errata

09:25 - 12:40

  • Firefox has been updated to 3.6.3 to fix a memory corruption flaw
  • It also fixes an information leak vulnerability where a website could determine which websites you have visited through checking the colour of links

12:39 - 14:24

  • Java has been updated to fix multiple remote code execution vulnerabilities

14:25 - 15:47

  • Quicktime has been updated on Windows to v7.6.6

15:48 - 24:04

  • Adobe PDF's by design are able to launch other system executables in order to display embedded content
  • Hackers can manipulate the warning message Adobe displays before launching the application to deceive users
  • This also affects Foxit Reader
  • Launching embedded executable from PDF document using features of the PDF language, without exploiting vulnerabilities: [1]
  • Preventing Adobe Reader from launching executables: [2]

27:33 - 56:29

  • UPS's online tracking system crashed on iPad release day due to everyone checking the status of there order
  • Steve has now ordered the top of the range 3G iPad
  • He says it needs a case with a stand
  • Wifi connects quickly
  • The battery life is great
  • There is a fantastic PDF reader called 'Good Reader'
  • The rotation lock is good
  • The iBook store currently has a weak collection of books
  • You cant hold the iPad in one hand it is too heavy
  • The mail app is also good
  • Steve also likes 'Puzzle Maniak'

01:32:18 - 01:39:00

  • Steve is annoyed by the lack of Flash on the iPad

Spinrite Story

56:30 - 58:23 Anon(A CEO) (Unknown)

A customer used Spinrite to fix a dead hard drive and saved $30,000 worth of orders that were not backed up

Subverted SSL

58:24 - 01:32:18

  • Microsoft stores trusted Certificate Authorities(CA) in the Windows Trusted Store
  • If you go to a website whose web certificate is signed by someone not currently in your instance of Windows, down in the Windows crypto system, it will see that you're asking about a certificate it doesn't currently have. So it contacts Microsoft and grabs the certificate that you're asking for on the fly.
  • All browsers on Windows use this store of trusted CA's apart from Firefox
  • A researcher was at a conference where they saw in sort of the trade show portion of the conference a very disturbing booth from a company called Packet Forensics.
  • Packet Forensics was advertising a little turnkey network appliance which was able to perform SSL man-in-the-middle attacks
  • A country could force a CA operating in its country to issue a certificate for any website in the world
  • Then when a user visits the fake website it would appear to be the real website as is has a certificate signed by a trusted CA
  • The researchers believe this sort of attack is happening right now
  • There are so many trusted CA's in our browsers we have no idea which ones to trust




Production Information

  • Edited by: Tony
  • Notes:
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.