Linked by Thom Holwerda on Tue 25th May 2010 21:37 UTC
Google Looking at the past few week of Google news, you'll be forgiven for thinking Google doesn't do anything else beyond making Android. While there's sexier stuff going on within Google, the company is also still trying to improve its core user service: search. They've launched encrypted search today, and it will be rolled out across the world in the coming days.
Permalink for comment 426900
To read all comments associated with this story, please click here.
Member since:

Actually, third party certificate validation isn't as rock solid as people like to think either. Unless you pay the premium protection racket fee for cert that validates all the way back up the chain (usually involving a grand or two in fees and a background check) MITM is still mostly limited by being able to position one inbetween of the two stream ends.

Mix a little Dan Kaminski DNS magic with some Moxie Marlinspike SSL MITM and whammo!

So, it's still down to bit strength and strong cert validation.

Edited 2010-05-27 18:29 UTC

Reply Parent Score: 2