SSL encryption hacked

stephen barncard stephenREVOLUTION2 at
Wed Sep 21 18:20:27 EDT 2011

So we're all screwed?

On 21 September 2011 14:12, Bob Sneidar <bobs at> wrote:

> "The fatal flaw making exploitation possible is the failure of JavaServer
> Faces to implement AES/DES encryption algorithms correctly. The scheme
> provides no way to sign the ciphertext or authenticate the block cipher
> mode."
> That says it all. Incorrect implementation of server software.
> Bob
Stephen Barncard
San Francisco Ca. USA

more about sqb  <>

More information about the Use-livecode mailing list