Smokey's Security Weblog

veritas odium parit

heise SSL Guardian: protection against unsafe SSL certificates

HTTPS connections are often used to transfer important data, such as passwords, PINs, or credit card numbers. The browser ensures that the sender can be identified with a valid certificate and that the transferred data are encrypted. An error in the Debian Linux distribution resulted in numerous certificates that are child’s play to crack. Many servers still use these weak certificates, even though it is impossible to establish a secure connection using them. The heise SSL Guardian checks SSL certificates and warns you when it detects a weak one.

SSL Guardian protects all Windows applications that use the Windows CryptoAPI. This includes Internet Explorer and Outlook Express, as well as Windows Mail. However, SSL Guardian does not protect Firefox and Opera, as these use their own crypto libraries and not CryptoAPI. To protect Firefox, the Firefox SSL Blacklist extension is needed, which has a similar function.

SSL Guardian supports the Windows 2000, XP and Vista operating systems and is free.
There are two versions with differently sized lists. The first is for users who have adequate bandwidth and time. The second is a third as large, but still detects more than 98% of the weak certificates.

More info and download: heise Security


July 12, 2008 - Posted by | Advisories, Downloads, Friends, News, Recommended External Security Related Links, Vulnerabilities
