DNS vulnerability

Valter Douglas Lisbôa Jr. douglas at trenix.com.br
Mon Jul 28 15:19:11 PDT 2008


On Monday 28 July 2008 18:59:24 marty wrote:

> Secure transactions cannot be successfully faked because the
> attackers don't have the SSL private key. Your browser will
> clearly show when the connection has unencrypted portions.
> Disconnect when in doubt. Duh.
If the user does not click on "Yes Continue" button without read the message. 
Most of them WILL DO this (or worse, disable the browser messages if they 
can) - "You take what you gets". Unhapy, but truth.

> Web sites have much more to fear, because they can easily be
> diverted to porn sites or whatever. Totally harmless except
> from a reputation standpoint. God.com => Hotporn.com.
> oops.... actually, that might prove to be a blessing:)
:) In fact, reputation for some is only remebered when they fall, humm.... 
this kind of people deserves it.

> No the sky is not falling and this will pass soon.
> But watch out for that Banana vuln..It's a real killer.
Indeed.

-- 
Valter Douglas Lisbôa Jr.
Sócio-Diretor
Trenix - IT Solutions
"Nossas Idéias, suas Soluções!"
www.trenix.com.br
contato at trenix.com.br
Tel. +55 19 3402.2957
Cel. +55 19 9183.4244



More information about the hlfs-dev mailing list