SLUG Mailing List Archives

To: slug@xxxxxxxxxxx
Subject: [SLUG] Re: XecureBrowser - looks like snake oil to me.
From: Daniel Pittman <daniel@xxxxxxxxxxxx>
Date: Thu, 11 Nov 2010 11:35:52 +1100
Reply-to: slug@xxxxxxxxxxx
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (darwin)

peter@xxxxxxxxxxxxxxxxxx writes:

> I don't know about the XecureBrowser itself, but secure browser operating
> systems is a huge research area at present.  SSL *has* been cracked ---
> there're a couple of known timing and man-in-the-middle attacks --- but if
> you use good keys, and disable attacking sites (they'd be pretty obvious:
> see the paper http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf for the
> classic explanation of one such attack -- there are a couple more) you
> should be safe for now.

Yup.  I absolutely agree with this (and those attacks did make the "news"
too. :)

My issue is not the idea of a secure browser, but the claimed implementation
of one.
        Daniel
-- 
✣ Daniel Pittman            ✉ daniel@xxxxxxxxxxxx            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons

References:
- [SLUG] Browsers for banking
  - From: Jim Donovan
- Re: [SLUG] Browsers for banking
  - From: Jeremy Visser
- Re: [SLUG] Browsers for banking
  - From: Mada R Perdhana
- XecureBrowser - looks like snake oil to me. (was Re: [SLUG] Browsers for banking)
  - From: Daniel Pittman
- Re: XecureBrowser - looks like snake oil to me. (was Re: [SLUG] Browsers for banking)
  - From: peter

Messages sorted by: [ date | thread ]
Prev by Date: Re: XecureBrowser - looks like snake oil to me. (was Re: [SLUG] Browsers for banking)
Next by Date: [SLUG] Re: XecureBrowser - looks like snake oil to me.
Previous by thread: Re: XecureBrowser - looks like snake oil to me. (was Re: [SLUG] Browsers for banking)
Next by thread: Re: XecureBrowser - looks like snake oil to me. (was Re: [SLUG] Browsers for banking)

[SLUG] Re: XecureBrowser - looks like snake oil to me.