Black Hat founder: SSL is broken

By Iain Thomson

Jul 29, 2010 11:56 AM

U.S. Department of Homeland Security is on the case.

The founder of the Black Hat conference has told delegates that the secure socket layer (SSL) encryption used in the majority of ecommerce is broken.

Speaking a the keynote of the 2010 Black Hat briefings, founder Jeff Moss was scathing about the current state of internet security for businesses and consumers.

“Thirteen years down the line since the first conference and we're still not able to conduct business online,” he said.

“SSL is broken, and while it's great to see things are going better now, it's a long way down the line.”

However, security specialist Dan Kaminsky disagreed, saying SSL was still useful.

While the situation wasn't perfect, the US government is working to sort out problems and make cyberspace safe for citizens, Jane Holl Lute, US Deputy Secretary of the Department of Homeland Security (DHS), told delegates in her keynote. One of the key remits for the DHS was securing cyberspace she said.

“Wars end lives, but cyberspace destroys them,” she said.

The speed of technological advancement was such that the tools that are now available are almost beyond our ability to use them, she told delegates.

The DHS was gearing up for a comprehensive cybersecurity exercise later this year, she said.

2 comments in this discussion

"It's simple btone. In a war - generally you can just die = by bullet, etc... killed in war is nothing... Cyberspace does have (as many have seen over the years) the ability to destroy your life, ..."

By RaTTyRaTT

Security researcher gets bail in India

Zurich UK cops $4m data loss fine

India chases leak of e-voting machine: report

Analysts probe for strategy behind Intel's McAfee buy

Breaking Stories

VentraIP shifts racks out of Global Switch

Defence invites ICT procurement advice

AAPT shooting blanks over email

ALP wins Wilkie's support for poker machine tech

VMware to overhaul service provider licensing

Comments: 2

Thoughts on this article? Add a comment below.

btone

Jul 30, 2010 7:13 AM

'One of the key remits for the DHS was securing cyberspace she said'.

“Wars end lives, but cyberspace destroys them,” she said.

Umm, please explain?

'The speed of technological advancement was such that the tools that are now available are almost beyond our ability to use them, she told delegates.'

Umm, ok, umm...

US White House appointed 'czars' really need to get some decent scriptwriters to avoid sounding like scareware purveyors.

RaTTyRaTT

Jul 30, 2010 10:25 AM

It's simple btone.

In a war - generally you can just die = by bullet, etc... killed in war is nothing...
Cyberspace does have (as many have seen over the years) the ability to destroy your life, without actually killing you. Phishing attacks, targeted bullying, posting sullying information (real or fake) about someone, identity theft (I'm sure Mossad did apologize to those Aussies who can never fly to 'certain' countries now...) etc. This is what she means - and it is a valid fact that what is 'posted' on the net, 'stays' on the net. This is why we are always warning kids and teens not to put up things that they don't want people to know about 25 yrs on... (aka: pics of themselves inappropriately attired.)

I deal with these kinds of issues and know this stuff well. You see lives destroyed (but they are still alive) and in some cases they commit suicide (teenagers take it the worst.)

Do you see the point now from that view?

Black Hat founder: SSL is broken

U.S. Department of Homeland Security is on the case.

Latest VideosSee all videos »

Latest Comments

Polls