does anyone know anything about AP's claim that Google
encrypts credit-card numbers? specifically, which
cipher and what kind of key management do they use?
- don davis, boston
-
From: Google puts new
In message [EMAIL PROTECTED], Bill Stewart writes:
Somebody did an interesting attack on a cable network's customers.
They cracked the cable company's DHCP server, got it to provide a
Connection-specific DNS suffic pointing to a machine they owned,
and also told it to use their DNS server.
This
One key point though: even if DNSSEC was deployed from the root, and a
trusted copy of the root key was the client, the search path/default
domain must *also* come from a trusted source.
Currently, default domain/search path often comes from DHCP, and for
nomadic laptops where the relationship to
It turned out that the ISP, Charter, was not compromised. The user had
some nasty spyware install itself on his computer. Here are the details:
http://ask.slashdot.org/comments.pl?cid=6260281sid=68266tid=172
-- sidney
-
The
At 11:15 PM 06/28/2003 -0400, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Bill Stewart writes:
This looks like it has the ability to work around DNSSEC.
Somebody trying to verify that they'd correctly reached yahoo.com
would instead verify that they'd correctly reached
Bill Stewart [EMAIL PROTECTED] writes:
At 11:15 PM 06/28/2003 -0400, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Bill Stewart writes:
This looks like it has the ability to work around DNSSEC.
Somebody trying to verify that they'd correctly reached yahoo.com
would instead verify