Two security researchers demonstrated[1] an attack against encrypted SSL and TLS "cookies", which sometimes store credentials (for example, Google or Facebook) to keep a user logged in. The attack received a lot of media attention. This advisory aims at explaining what a potential attacker would need to do for a successful attack, and what can/must be done to mitigate it. Click for further details.
Lien vers l'article source