Should gov.my take control their own SSL/TLS Cert? The danger of man of middle attack by using false certs. http://tech.slashdot.org/story/11/08/30/0253254/another-ca-issues-false-certificates-to-iran
On Sat, Nov 5, 2011 at 1:24 AM, jep <[email protected]> wrote: > sad but true :(~ > > i bet u all can imagine the impact if "sakai²" I.T (not skiddies or lame > defacer) know how to take the opportunities from this event/news > > hint: bigger picture is big, the box is small > > On 11/4/2011 8:25 PM, Hazrul Hamzah wrote: >> Somehow I do think that responding to incident is not our forte.. Sad >> though ;) >> >> On 04/11/2011 20:00, Adli Abdul Wahid wrote: >>> And until now, there's no official response from them. >>> >>> - adli >>> >>> >>> On Fri, Nov 4, 2011 at 6:33 PM, Ang Chin Han<[email protected]> wrote: >>>> It has deeper implications than that: >>>> http://blog.mozilla.com/security/2011/11/03/revoking-trust-in-digicert-sdn-bhd-intermediate-certificate-authority/ >>>> http://blogs.technet.com/b/msrc/archive/2011/11/03/untrusted-certificate-store-to-be-updated.aspx >>>> http://code.google.com/p/chromium/issues/detail?id=102530 >>>> >>>> _______________________ -- Malaysia Open Source Software Conference 2011 MOSC2011 http://www.mosc.my/ Malaysia Open Source Conference 2012 (MOSC2012) http://portal.mosc.my/ LinuxMalaysia Network http://www.facebook.com/Bukan.Sekadar.Internet.Sahaja Harisfazillah Jamel _______________________________________________ OWASP-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.my OWASP Malaysia Facebook http://www.facebook.com/OWASP.Malaysia OWASP Malaysia Twitter #owaspmy http://www.twitter.com/owaspmy
