[LINK] Using Certificate pinning to make yourself more secure

Kim Holburn kim at holburn.net
Mon Sep 9 13:58:39 AEST 2013


Spooks break most Internet crypto, but how?

> First, such certificates would be useful only if the NSA was able to impersonate the website in what's known as an active man-in-the-middle attack, which can make the attack less scalable and harder to pull off. That forecloses the possibility of a passive eavesdropping, in which the NSA simply monitors and decrypts traffic passing between a website and a target. More importantly, the technique is easily detected through what's known as certificate pinning that's built into Google's Chrome browser, dedicated Twitter apps, and some security software.

More about pinning:

You can do certificate pinning in Firefox with the extension: Certificate Patrol.

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 
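
The check that lets pinning catch a substituted certificate, as the quoted article describes, shown as an added example that is not part of the original message: a trust-on-first-use store that remembers the first certificate fingerprint seen for a host and flags any later change, even when the new certificate would pass CA validation. `PinStore`, `fetch_der` and the host name are hypothetical, and the certificate bytes are constructed placeholders so the block runs offline.

```python
import hashlib
import hmac
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, hex-encoded."""
    return hashlib.sha256(der_cert).hexdigest()


def fetch_der(host: str, port: int = 443) -> bytes:
    """Fetch a live server certificate; needs network, not used by demo().
    No CA validation happens here: the pin comparison is the check."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))


class PinStore:
    """Trust-on-first-use pins: host -> fingerprint of the first certificate seen."""

    def __init__(self):
        self.pins = {}

    @staticmethod
    def _norm(host: str) -> str:
        return host.lower().rstrip(".")

    def check(self, host: str, der_cert: bytes) -> str:
        host, seen = self._norm(host), fingerprint(der_cert)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = seen      # first contact: remember it
            return "pinned"
        if hmac.compare_digest(pinned, seen):
            return "match"
        return "changed"                # pin is kept; caller must warn or abort

    def accept(self, host: str, der_cert: bytes) -> None:
        """Re-pin after the change was verified out of band (e.g. a renewal)."""
        self.pins[self._norm(host)] = fingerprint(der_cert)


# Constructed placeholder bytes standing in for DER certificates.
GENUINE = b"constructed: certificate the site really serves"
SUBSTITUTED = b"constructed: different certificate, also signed by a trusted CA"


def demo():
    store = PinStore()
    return [store.check("example.test", GENUINE),
            store.check("EXAMPLE.test.", GENUINE),
            store.check("example.test", SUBSTITUTED)]
```

A legitimate renewal also returns `"changed"`, so the result is a prompt to verify the new certificate, not proof of interception.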
