Because the bug is actually in the spec (and
because of an incomplete spec) there is no
obvious solution which will not risk breaking a
lot of software.
On the positive side, the vuln can only be
exploited by someone on the network path (it is
a man-in-the-middle attack), which means that
your network admin, the admins at your ISP (and
intelligence services) etc. can use this to
snoop on traffic, but a malicious site can not.
Discussion on:
Message 1 of 1
IBM Sponsored Resources
Resources from our Sponsor
- Oracle Exadata vs IBM: Netezza Compared
- Forrester TEI Report
- CIA Whitepaper
- Harnessing the Power of Advanced Analytics
- Tapping into Unleashed Business Potential with Advanced Analytics
- Unlock Analytic Performance with Revolution R for Enterprise and IBM: Netezza Data Warehouse Appliance
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
