Gervase Markham wrote: >> If the attacker takes over my DNS server, or gets me to connect to the >> wrong DNS server, he can direct me to whatever site he likes. >> Obviously, this kind of pharming attack also works against bookmarks. > > > Not over SSL - you'd get warning dialogs.
Not if they get a replacement SSL certificate, after all no serial number warnings still... -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
