Abbiate. Molta. Paura. MITM-SSL


“The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an ‘authentication gap’ exists during the renegotiation process, at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS.”

Più informazioni qui.


Google in UK: 5 miliardi di ricavi, 21 milioni di tasse

Stavolta niente giornali complottisti, ma direttamente il Financial Times che recita: Google’s UK operation paid £20.4m of corporation tax on its profits in 2013, according to accounts filed at Companies House on Thursday. Documents published by the parent company this year showed that the country accounts for $5.6bn of revenues. qui Estote parati.