[funsec] man in the middle over VOIP
Fred Cohen
fred.cohen at all.net
Tue Sep 13 06:04:17 CDT 2005
All cryptographic systems have the potential for MITM attacks at some
point in the process. Can we please move on to some humor - and is
there a way to get the list as a digest instead of individual emails?
I like to laugh all at once and when I have a need to instead of on a
push basis.
FC
On Sep 13, 2005, at 3:59 AM, Les Bell wrote:
> Dan Kaminsky wrote:
>
>
>> SSH is vulnerable to MITM because even when people are warned, they
>> still connect anyway. (Great study was done, maybe someone can
>> find the
>> link...they displayed SSL error messages to a bunch of customers
>> of some
>> New Zealand banking site...only 1/300 refused to use the connection.)
>>
>
> So . . you're saying . . . that stupidity is the enemy of security?
...
-- This communication is confidential to the parties it is intended
to serve --
Security Posture securityposture.com tel/fax
University of New Haven unhca.com 925-454-0171
Fred Cohen & Associates all.net 572 Leona Drive
Security Management Partners policygeeks.com Livermore, CA 94550
More information about the funsec
mailing list