I thought the same. I think at this point we've graduated from "there's already a Metasploit / other open-source code for it" to "it's probably possible, if you are fairly determined but not necessarily the NSA". There are probably a few CAs with lax security procedures, just given how many there are... but hacking one is a much bigger endeavor than SSL stripping.