2276 stories
·
6 followers

Internet protocols are changing

1 Share

Article URL: https://blog.apnic.net/2017/12/12/internet-protocols-changing/

Comments URL: https://news.ycombinator.com/item?id=15906664

Points: 192

# Comments: 47

Read the whole story
Sjon
4 days ago
reply
Share this story
Delete

High-Level Problems with Git and How to Fix Them

1 Share

Article URL: https://gregoryszorc.com/blog/2017/12/11/high-level-problems-with-git-and-how-to-fix-them/

Comments URL: https://news.ycombinator.com/item?id=15902995

Points: 213

# Comments: 155

Read the whole story
Sjon
5 days ago
reply
Share this story
Delete

Nope, this isn’t the HTTPS-validated Stripe website you think it is

1 Share

Enlarge (credit: Ian Carroll)

For a decade, some security professionals have held out extended validation certificates as an innovation in website authentication because they require the person applying for the credential to undergo legal vetting. That's a step up from less stringent domain validation that requires applicants to merely demonstrate control over the site's Internet name. Now, a researcher has shown how EV certificates can be used to trick people into trusting scam sites, particularly when targets are using Apple's Safari browser.

Researcher Ian Carroll filed the necessary paperwork to incorporate a business called Stripe Inc. He then used the legal entity to apply for an EV certificate to authenticate the Web page https://stripe.ian.sh/. When viewed in the address bar, the page looks eerily similar to https://stripe.com/, the online payments service that also authenticates itself using an EV certificate issued to Stripe Inc.

The demonstration is concerning because many security professionals counsel end users to look for EV certificates when trying to tell if a site such as https://www.paypal.com is an authentic Web property rather than a fly-by-night look-alike page that's out to steal passwords. But as Carroll's page shows, EV certs can also be used to trick end users into thinking a page has connections to a trusted service or business when in fact no such connection exists. The false impression can be especially convincing when end users use Apple's Safari browser because it often strips out the domain name in the address bar, leaving only the name of the legal entity that obtained the EV certificate.

Read 4 remaining paragraphs | Comments

Read the whole story
Sjon
5 days ago
reply
Share this story
Delete

Cards Against Humanity Redistributes Your Wealth

1 Share

Article URL: https://cardsagainsthumanityredistributesyourwealth.com/

Comments URL: https://news.ycombinator.com/item?id=15888771

Points: 277

# Comments: 154

Read the whole story
Sjon
6 days ago
reply
Share this story
Delete

A beginner’s guide to getting started in the cryptocurrency world

1 Share

Article URL: https://blog.goodaudience.com/a-beginners-guide-to-getting-started-in-the-cryptocurrency-world-69c50516be71

Comments URL: https://news.ycombinator.com/item?id=15891344

Points: 320

# Comments: 150

Read the whole story
Sjon
6 days ago
reply
Share this story
Delete

Bitcoin nu al 2 bitcoin waard

1 Share

De koers van de bitcoin blijft maar stijgen. Eén bitcoin is inmiddels twee bitcoin waard. Daarmee is de cryptomunt boven zichzelf uitgestegen.

Financieel expert Houtert Oldebrink verwacht dat de koers van de bitcoin nog verder zal stijgen: “Eén bitcoin is nu twee bitcoin waard, dus als je je bitcoin verkoopt krijg je daar twee bitcoins voor die per stuk dus twee bitcoins waard zijn, dus eigenlijk is één bitcoin vier bitcoin waard. Naarmate meer mensen dat rekensommetje gaan maken, zal de koers stijgen naar vier bitcoin en is de bitcoin dus eigenlijk zestien bitcoin waard.”

Het monumentale werk 100 jaar De Speld – Deel I is nu verkrijgbaar, bestel het hier.
9 van de 10 tandartsen raden dit boek aan.

Read the whole story
Sjon
9 days ago
reply
Share this story
Delete
Next Page of Stories