Slashdot Mirror

← Back to Stories (view on slashdot.org)

New HTTPS Bicycle Attack Reveals Details About Passwords From Encrypted Traffic (softpedia.com)

Posted by samzenpus on Wednesday January 6, 2016 @12:18PM from the protect-ya-neck dept.

campuscodi writes: Dutch security researcher Guido Vranken has published a paper [PDF] in which he details a new attack on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams. Attackers could extract the length of a password from TLS packets, and then use this information to simplify brute-force attacks. The new HTTPS Bicycle Attack can also be used retroactively on HTTPS traffic logged several years ago. Hello NSA!

2 of 78 comments (clear)

Min score:

Reason:

Sort:

https bicycle attack by PopeRatzo · 2016-01-06 13:52 · Score: 4, Funny

I think this is taking the Internet of Things too far.

--
You are welcome on my lawn.
Re: We need to ban them immediately by Zoxed · 2016-01-06 19:00 · Score: 3, Funny

> Good citizens should stick to unicycles.
You have nothing to lose but your chains.