Archive - November 2000
A Certified Lack of Confidence: The Threat of Rogue Certificate Authorities
For more than a decade, computer generated digital certificates have made it possible to authenticate the identity of computer systems, data, and web sites by connecting a public key with an identity such as an owner’s name. The process relies on trust. “Secure” websites utilize such a certificate to validate their identity. This digital certificate is usually procured from a company that will verify the identity of the company administrating the site. The digital certificate issued to them will be validated by a trusted root certificate authority or by a server that is trusted by the trusted root. This chain of certificates is called a certificate hierarchy. A small group of trusted certificate authorities is installed on computers within the operating system. These authorities include such names as Equifax, VeriSign and Thawte. So what happens when the system breaks down?
Gone Phishing: Understanding Email Scam Tactics
Scams exist. That is the simple truth, there are honest people and then there are others who try to cheat. Email and the technology age facilitate scamming through email. Often these emails promise jobs or an irresistible offer, but sometimes they are more subtle then that. This article analyzes the types of email phishing traipsing around the World Wide Web so that, armed with the knowledge of email phishing attacks, you can avoid them in the future.
