PhoneFactor CTO Steve Dispensa to Speak at RSA 2010
Steve Dispensa, CTO and Co-Founder of PhoneFactor, will be participating in a panel discussion on responsible disclosure at RSA 2010. Steve will be joined by representatives from Adobe, PayPal, Continental Airlines, and The Metasploit Project and moderator Martin McKeay for a discussion on the role researchers, vendors, and customers play in the responsible disclosure debate. [...]
Implications of the Twitter attack using the SSL gap
When we released the SSL authentication gap details a couple of weeks ago, I was convinced that this was a serious issue that needed immediate attention. Although most everyone agreed, there were a few commentators out there that weren’t as concerned about the problem as I was. Well, fast-forward a few days, and the situation [...]
PhoneFactor Team Discovers Vulnerability in SSL Authentication
Earlier this week, PhoneFactor released the details of a serious vulnerability in SSL/TLS authentication, which was discovered by PhoneFactor team members Marsh Ray and Steve Dispensa in August 2009. The SSL authentication gap allows for a standard man-in-the-middle attack in which an attacker is able to inject malicious data and commands into the authenticated SSL [...]
