Ever noticed the “https:” in the URL on your address bar and the small padlock which docks itself nicely at the bottom of your window? Well, if the answer is “Yes”, you were checking a website which has the SSL transmission protocol implemented.

Earlier, we were all apprehensive in making an online payment because we all knew that there are people who call themselves “hackers” who like to live with our money. Then came in a period where in which the whole Internet community constituting all the good people researched on numerous ways to keep those “hackers” at bay. After a lot of painstaking and less fruitful attempts by Netscape as well as a handful of consortiums came the Secure Sockets Layer in the January of 1999.

SSL is a data security protocol and is implemented on websites dealing with sensitive information like an online bank account or an online payment system. The protocol helps millions of users of Internet each day send sensitive information safe and secure from the hands of those prying hackers who hack your bank account number or credit card information and their respective passwords or PINs.

SSL uses certificate authorities to send information over the Internet. When a user requests for a secure website, the browser requests for the secure page and adds the “s” onto the “http”. After that, the browser sends the public key and the certificate checking the following:

  1. Whether the certificate is from a trusted party.
  2. Whether the certificate is valid.
  3. Whether the certificate is related with the site from which it comes.

The browser then uses the public key to encrypt a randomly selected symmetric key. Most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

All that technical, yet useful process that the SSL cryptographic protocol does helps us a lot in keeping us safe over the Internet. Now, with the SSL implementation, web browsing, e-mail, online payment, online data transfer and even online banking can happen with the safety from those above said hackers.

Explore More

Critical Blind SQL Injection (vulnerability) in The Best Myanmar Website (burmeseclassic.com)

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.burmeseclassic.com/ This vulnerability has been alerted to :- Webmaster of BurmeseClassic Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L System Time: ———— (UTC+08:00) Yangoon, Myanmar

Read More

Study on the undetectable Server Bifrost 1.2d for the AV

1. Objective Trying to make the Bifrost Server 1.2d which is the latest version of a remote control KSV undetectable to Antivirus Software Required —– description ———————————————————————— Download Bifrost 1.2dR.AT

Read More

Critical SQL Injection (http://www.mysuboo.com)

Today we shall consider the SQL Injection error on the site http://www.mysuboo.com/. Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 03/23/2010 01:01:56 AM Site : http://www.mysuboo.com/ SQL Version

Read More