System thwarts "man in the middle" attacks

Discussion in 'other security issues & news' started by axial, Aug 26, 2008.

Thread Status:
Not open for further replies.
  1. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    article


    This sounds encouraging.
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,921
    Location:
    U.S.A.
  3. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    I read this before on softpedia and installed the addon.
     
  4. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    But what if the Perspectives FF addon was really written by student criminal hackers and is a nasty script that points your browser to criminal websites that then obtain your personal details?
     
  5. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    I just love Open source. Don't you?
     
  6. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Have been trialing Perspectives for a couple of weeks.
    From what I have learned it definitely has potential. :thumb:
     
  7. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    I feel good when people are so optimistic!:D
     
  8. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,921
    Location:
    U.S.A.
    For the record, the program was written by the Carnegie Mellon's School of Computer Science, developed by David Andersen (Assistant Professor of Computer Science), Adrian Perrig (Associate Professor of Electrical and Computer Engineering) and Dan Wendlandt (a Ph.D. student in computer science).

    As I pointed out to truthseeker on another thread, if these 3 individuals are possible hackers, risking the reputation of a world renown institution such as Carnegie Mellon, then we all better disconnect from the Internet right now because we won't be able to trust anyone in this world.
     
  9. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Opensource doesn't do me and millions of others any good. Reason is because I and millions of others cannot read or understand the source code.

    The source code doesn't make sense to me, as I am not a qualified or experience programmer.

    Are you? have you read every single line of code and understood every function and command?

    Seeing I cannot read or understand the source code, how can I be 100% certain it doesn't contain any bad code that will do me harm? If I then ask someone who knows to read the source code, how can I trust that person, because I don't know anyone personally who understands source code.
     
    Last edited: Aug 30, 2008
  10. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    If a human being is approached by large criminal organisations and offered a large amount of money, humans will risk everything.

    Just because someone works for a well known or reputable place, doesn't mean anything. History has shown that even in some of the biggest and well known and reputable companies and organisations, a person has committed crimes and ripped of the public and its shareholders.

    You are dealing with humans here my friend, don't underestimate the lenghts some people will go to make money, it's called greed.

    A world renown institution such as Carnegie Mellon is never immune from having people work in it that could commit law breaking acts such as writing a piece of software that will redirect a person to a criminal website that looks like the banks website.

    Don't so be so naive and gullible. Must be cautious of everyone, no matter where they work.
     
  11. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Lol, I feel like I'm looking at a mirror image of myself when I read this post. I don't mean that offensively because I more or less believe the same way, but there's a big ol' however that needs to be inserted here so as to keep this fair. That big ol' however is this: Open source is very much "open" to malicious coding, tricks and whatnot, BUT, one of the purposes of open source is that everyone who CAN understand the coding can freely pour over it to check for maliciousness, poor code, or just plain flawed code. Unlike closed source where nobody but the developers have any clue what's in there and all we can do is hope everything checks out ok.

    The one roadblock to this openess though is that unless it's a widely used open source program, there's a chance not enough people or the right people have checked the coding out so malicious programs can slip under the radar. Have no doubt, there are disadvantages and advantages to open source. Just as with every other program, it all boils down to the integrity of the developer and the care and time he/she puts into their creations.
     
  12. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    FFS lets not go down the path of the other thread with a 'discussion' on trust and actually talk about this new addon.

    Whose servers will it use to do the other checks?
     
  13. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,921
    Location:
    U.S.A.
  14. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Yes, your post made a lot of sense. And that is my point.. at the end of the day, unless I am qualified and educated in reading and understanding the source code, I have no 100% way of knowing what it does.

    For me to be sure, I would need to be able to read and understand the source code and then compile it myself.

    P.S You looking good in that mirror my friend :p
     
  15. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I agree, that's why I strongly suggest researching any new/lesser known application before letting it loose on your system. A place like Sourceforge can be an Open Source dreamland, but take care that there aren't any monsters lurking in any closets or under the beds. I always try to look my best hehe.
     
  16. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    LOL :D
     
  17. Fontaine

    Fontaine Registered Member

    Joined:
    Jan 29, 2008
    Posts:
    245
    On that note, could the same argument be made against packages that are installed on Linux? Or even Linux distros themselves?
    This looks like a promising FF extension. Good to see the open source community keeping up with the threats out there.
     
Loading...
Thread Status:
Not open for further replies.