Dailydave mailing list archives
Re: SSL MITM fun.
From: "jmoss" <jmoss () blackhat com>
Date: Tue, 24 Feb 2009 12:13:35 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hey guys, you can also watch the video and maybe that will answer some of your questions and speculations: https://media.blackhat.com/bh-dc-09/video/Marlinspike/blackhat-dc-09-marlins pike-slide.mov https://media.blackhat.com/bh-dc-09/blackhat-dc-09-marlinspike-interview.m4v http://www.youtube.com/watch?v=Rvp0oPluuLE That youtube is a quick interview I did with Moxie, but it was the first time I have ever done this at a Black Hat and I was totally exhausted and look a bit zapped. The idea worked well, though, so beware of me at future events pulling you aside and doing a quick interview. Moxie is a very good presenter, and the amount of coverage was amazing - more than I expected for sure. It wasn't earth shattering or anything, just a very well put together talk with plenty of examples and a comprehensive review of what is possible. I especially like when Moxie hints that there are many other areas where these SSL tricks work, but then constrains himself to only dealing with https. Kaminsky sums it up well with his blog post: http://www.doxpara.com/?p=1269 Jeff -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: us-ascii wsBVAwUBSaRU70qsDNqTZ/G1AQhl+wf/aDID4/pJIPOeZCgU25t0O2Zy1CbzE8x3 SHx5SKwKwBi/lV9XMNa0kWs1sHVgyyjtPUFqgZlCQTuyeiYQt7MaJYReQLqYhZaA 5s+9qVFJiIoqO3PQJsxdll120Cd6Yz7SqSQnIECEWubKgtTv6lX4Zq9w2jAWiFXn UchLFLmx13Fuvuk+SnPkMBB4Qv1ArBerJDmrT3IhT4TX52uIvW7iwAUNqjvecmca qlaKiUBXVWwB9w0GDVd4TyvxwwDAi9Vo/59uvzRZIIVDeG90WWxJp9jx1W7FGMZp ZhuCp7sHF1xGr5ypiqv0lizv7txr2LIP5JnwxV0zt7qxLj7HXBJAMA== =ufS7 -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: SSL MITM fun., (continued)
- Re: SSL MITM fun. Chris Weber (Feb 20)
- Re: SSL MITM fun. Michal Zalewski (Feb 20)
- Re: SSL MITM fun. Alexander Sotirov (Feb 20)
- Re: SSL MITM fun. Michal Zalewski (Feb 20)
- Re: SSL MITM fun. Robert Święcki (Feb 20)
- Message not available
- Re: SSL MITM fun. Michal Zalewski (Feb 20)
- Re: SSL MITM fun. Michal Zalewski (Feb 19)
- Re: SSL MITM fun. Berend-Jan Wever (Feb 19)
- Re: SSL MITM fun. Fyodor (Feb 19)
- Re: SSL MITM fun. Richard Bejtlich (Feb 20)
- Re: SSL MITM fun. jmoss (Feb 24)
- Re: SSL MITM fun. Dragos Ruiu (Feb 19)