Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.10.3 Latest
Buy Hosting
  1. Home
  2. Uncategorized
  3. It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to lan...

It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to lan...

Scheduled Pinned Locked Moved Uncategorized
2 Posts 2 Posters 10 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • dangoodin@infosec.exchangeD This user is from outside of this forum
    dangoodin@infosec.exchangeD This user is from outside of this forum
    Dan Goodin
    wrote on last edited by
    #1

    It’s not every day that a security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to land. But that’s exactly what happened recently to Benjamin Harris.

    https://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/

    mick@cosocial.caM 1 Reply Last reply
    2
    0
    • mick@cosocial.caM This user is from outside of this forum
      mick@cosocial.caM This user is from outside of this forum
      Mick 🇨🇦
      replied to Dan Goodin on last edited by
      #2

      @dangoodin WHOIS is a dumpster fire and the ‘net can’t be rid of it soon enough.

      This domain has not been listed as the authoritative WHOIS source for the .MOBI registry since at least 2016.

      The fact that any CA is willing to use this domain as a source of authoritative information for domains in .MOBI points to the fact that the CA industry is also a dumpster fire.

      1 Reply Last reply
      1

      Copyright © 2024 NodeBB | Contributors
      • Login
      • Don't have an account? Register
      • Login or register to search.
      Powered by NodeBB Contributors
      • First post
        Last post
      0
      • Home
      • Categories
      • Recent
      • Popular
      • World
      • Top
      • Tags
      • Users
      • Groups
      • Documentation
        • Home
        • Read API
        • Write API
        • Plugin Development