IE and Konqueror Bug Makes SSL Insecure

Spad writes "The Register reports that IE and Konqueror both have a bug that allows anyone with a legit Verisign SSL certificate to issue a 'legit' certificate for a 3rd party site. IE and Konqueror don't both to check the issuer of this intermediate cert making SSL in both browsers something of a joke". Update by Hetz: if you're using KDE from CVS, the fix is inside or you can wait to next week for KDE 3.0.3 (which will have more fixes for KDE 3.0). Thanks to Waldo bastian for the blazing fast fix (95 minutes since it was reported).

FP

Suck it.

SSL

First stolen credit card post.

Come on!

[sofo]

You can plaster Slashdot with horrid Star Wars and Lord of the Rings spoof ads. but you cannot check the spelling and grammar of the posts.

Scary

Beating the Slashdot Effect

Here is my great idea for beating the Slashdot Effect. It is guaranteed to be effective - just follow these easy steps:

1. Don't assume that just because a site appears on slashdot that it is going to be:
[a] even remotely interesting
[b] within the realms of your tiny brains to understand
[c] in any way related to anything that will ever improve your life, health, career, sex-appeal etc

2. Don't complain about the "poor little site" that got slashdotted. In order to know the site has gone down, you must have clicked the link numbnuts. And NO, pressing F5 doesn't improve your chances.

3. If by chance you see a site that you really need to visit consider these options:
[a] check the google cache
[b] go read about it on The Register - the Brits are much more capable reporters than the Slashdot baboons.
[c] wait until tomorrow. contrary to james bond films, the world is not full of evil geniuses hell-bent on destroying the world and robbing you of your precious internet.

4. Finally if you are one the egotistical maniacs who think that posting a story to slashdot will help you make friends consider the following:
[a] make a mirror of the poor site before you post
[b] stop. think. is it worth it? the slashdot baboons are NOT going to invite you round their house for tea.
[c] i know that this is hard to understand but kudos does not exist. its all in your head. geeks don't like each other - they are geeks for christ sake.
[d] if you found something cool on a news site, take a moment to think about it. Its on a news site already. A place where people go to read news.

Re:Huh?

Grabble googolo Konqueror guiq IExplorer fa grety SSL powomat guiq.
(atleast how i interpreted it.)

Watch this

Watch the above post get moderated down to -1 Troll by some zealous Mozilla-head...

It's the front page! ARG.

[debiandude]

Can't we check before we post!

IE and Konqueror don't both to check the issuer of this intermediate cert making SSL in both browsers something of a joke

Re:So?

[dasmegabyte]

Sorry for all the misspellings in this post. I had to go to the bathroom since I started typing it.

Re:Heh

and "regulations" have them up to 4 days late....

you mean it's not?

Re:both? what?

Maybe he used a spellchecker and it went something like:

"bothr" doesn't exist, replace with "both"? Yes.

Re:Grammar?

[Winterblink]

So many Slashdotters feel they are more intelligent than the average user and the unwashed masses, yet the editors and the submitters can't properly proof read stories.

Nice summary, right there. That should tell you one thing: many slashdotters are frickin' morons (as evidenced by the anti MS bias that's reached childish levels). I've noticed this lack of proofreading as well, it's become pretty bad as of late. How hard is it to spend an extra few seconds to preview a submission or comment before clicking Submit?