[General] FT Cache Compromised (Again)
Majed B.
majedb at gmail.com
Wed Dec 3 14:55:31 +03 2008
You can't cache encrypted sessions on an ISP level (possible on
corporate level if the appliance is doing a Man-In-The-Middle scheme
-- Like BlueCoat)
It happened a while back and a friend was able to see other FT users'
GMail inboxes!
What are the users to do now? Not all websites have encryption when it
comes to post-authentication pages :/
Thanks for the information Burhan!
On Wed, Dec 3, 2008 at 12:25 PM, <kuwait at q8net.com> wrote:
> Thanks, is it announced anywhere on the web? Do they cache encrypted sessions too? i highly doubt that though.
>
>
> --- On Wed, 12/3/08, Burhan Khalid <burhan at kuwaitnet.net> wrote:
>
>> From: Burhan Khalid <burhan at kuwaitnet.net>
>> Subject: [General] FT Cache Compromised (Again)
>> To: "General OpenSource Discussion" <general at oskw.org>
>> Date: Wednesday, December 3, 2008, 11:48 AM
>> Salaam All:
>>
>> Seems FT's cache has been compromised again. Suggest
>> you use a proxy, and optionally change your DNS servers. I
>> personally use the following:
>>
>> # QualityNET
>> 195.226.224.72
>> 195.226.224.74
>>
>> # Verizon
>> 4.2.2.2
>> 4.2.2.3
>> 4.2.2.4
>> 4.2.2.5
>> 4.2.2.6
>>
>> # OpenDNS
>> 208.67.222.222
>> 208.67.220.220
>>
>>
>> Regards,
>> --
>> Burhan Khalid
>>
>> _______________________________________________
>> General mailing list
>> General at oskw.org
>> http://mail.oskw.org/mailman/listinfo/general_oskw.org
>
>
> _______________________________________________
> General mailing list
> General at oskw.org
> http://mail.oskw.org/mailman/listinfo/general_oskw.org
>
--
Majed B.
More information about the General
mailing list