Comments on: SSL takes a serious beating at BlackHat and Defcon conferences http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/ A blog by Schuberg Philis colleagues Wed, 25 Jan 2012 15:13:39 +0000 hourly 1 http://wordpress.org/?v= By: Security Justice » Blog Archive » Security Justice – Episode 16 DEFCON Recovery with @dave_rel1k http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/comment-page-1/#comment-278 Security Justice » Blog Archive » Security Justice – Episode 16 DEFCON Recovery with @dave_rel1k Wed, 02 Sep 2009 02:06:42 +0000 http://www.cupfighter.net/?p=416#comment-278 [...] New SSL Vulns [...] [...] New SSL Vulns [...]

]]> By: Frank Breedijk http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/comment-page-1/#comment-210 Frank Breedijk Fri, 21 Aug 2009 12:46:54 +0000 http://www.cupfighter.net/?p=416#comment-210 Tony, Thanks for you kind words. You are correct when you state that complexity and security are natural enemies. <a href="http://www.cupfighter.net/index.php/2009/08/har-dns-security/" rel="nofollow">Bert Hubert</a> sees this the biggest problem with DNSSEC. Building a second secure net will be hard without puttng anybody in charge and frankly I don't know who I want to be in charge of the Internet. Even tough the Internet is not perfect, it works quite well. Most perfect systems don't seem to work very well. Tony,

Thanks for you kind words.
You are correct when you state that complexity and security are natural enemies. Bert Hubert sees this the biggest problem with DNSSEC.
Building a second secure net will be hard without puttng anybody in charge and frankly I don’t know who I want to be in charge of the Internet.
Even tough the Internet is not perfect, it works quite well. Most perfect systems don’t seem to work very well.

]]> By: Tony http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/comment-page-1/#comment-203 Tony Fri, 21 Aug 2009 05:04:11 +0000 http://www.cupfighter.net/?p=416#comment-203 Frank, don't be troubled by poor spelling that most spellcheckers would not find anyway. Concentrate on substance of which you gave us plenty. I think it's time we either rebuilt the internet with security in mind or built an alternative network for all secure traffic which to all intents and purposes was physically separated from the existing network. The more complicated the internet is made in an attempt to chase security the more potential openings and flaws exist. It seems to me that making an inherently insecure software system secure is fundamentally impossible in the same way that making a totally self consistent and completge logical system is impossible (Godel, 1931) Frank, don’t be troubled by poor spelling that most spellcheckers would not find anyway. Concentrate on substance of which you gave us plenty. I think it’s time we either rebuilt the internet with security in mind or built an alternative network for all secure traffic which to all intents and purposes was physically separated from the existing network. The more complicated the internet is made in an attempt to chase security the more potential openings and flaws exist. It seems to me that making an inherently insecure software system secure is fundamentally impossible in the same way that making a totally self consistent and completge logical system is impossible (Godel, 1931)

]]> By: Frank Breedijk http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/comment-page-1/#comment-159 Frank Breedijk Fri, 14 Aug 2009 15:50:59 +0000 http://www.cupfighter.net/?p=416#comment-159 <a href="#comment-148" rel="nofollow">@Steven </a> Thanks for you feedback. It is good to know that there is somebody that reads to posts that I write in my spare time. I am sorry that my limited skills with the English language (I am not a native speaker) put you off. I should have needed spell checked the post, but since I wrote it after the conference finished and wanted to upload it quickly I missed that opportunity. @Steven
Thanks for you feedback. It is good to know that there is somebody that reads to posts that I write in my spare time.
I am sorry that my limited skills with the English language (I am not a native speaker) put you off. I should have needed spell checked the post, but since I wrote it after the conference finished and wanted to upload it quickly I missed that opportunity.

]]> By: Steven http://www.cupfighter.net/index.php/2009/08/ssl-beaten-up-at-blackhat-and-defcon/comment-page-1/#comment-148 Steven Mon, 10 Aug 2009 22:18:10 +0000 http://www.cupfighter.net/?p=416#comment-148 It would be GREAT, Frank, if you could use a spellchecker or have someone proof your work before you blast it out for millions to read. It was so terrible I almost stopped reading half way through and surely would have if the topic wasn’t so interesting to me. I don’t mean to be rude, but that’s very unprofessional and just plain sloppy. I found MANY misspelled words and some completely destroyed the entire sentence; for example, “On of the statuses the OCSP can send back is “Try later…”, represented by the number 3.” EEEEE! Not On, but O-N-E with an EEEEE! That’s just one of many that stood out like a sore thumb. Again, to reiterate, PLEASE use a spellchecker! It would be GREAT, Frank, if you could use a spellchecker or have someone proof your work before you blast it out for millions to read. It was so terrible I almost stopped reading half way through and surely would have if the topic wasn’t so interesting to me. I don’t mean to be rude, but that’s very unprofessional and just plain sloppy. I found MANY misspelled words and some completely destroyed the entire sentence; for example, “On of the statuses the OCSP can send back is “Try later…”, represented by the number 3.” EEEEE! Not On, but O-N-E with an EEEEE! That’s just one of many that stood out like a sore thumb. Again, to reiterate, PLEASE use a spellchecker!

]]>