[ALUG] A new hacking technique

Ismail Settenda ismailmss at gmail.com
Wed Aug 7 23:19:04 EAT 2013


Sounds like english.....but not sure whether its *Schnaps* speaking or
Snoop doggy dog is in da house. . .;-)

Regards

--
Ismail

On 7 August 2013 23:03, Andreas Tauscher <ta at lonestar-bbs.de> wrote:

> Am 06.08.2013 01:05, schrieb Adili:
> > A new hacking technique dubbed BREACH can extract login tokens, session
> > ID numbers and other sensitive information from SSL/TLS encrypted web
> > traffic in just 30 seconds, More info on the link below
>
> Easiest countermeasure: Disabling http compression.
>
> Separating user input from secrets (Should anyway always done). And to
> hide the true length of a secret by adding some random bytes.
>
> Andreas
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at lists.habari.co.tz
> http://lists.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20130807/1e87a4eb/attachment.html>


More information about the Linux mailing list