VMware’s Project Octopus and others like ownCloud and Oxygen Cloud have stirred some interesting ideas about Application Security. Those applications that make use of SSL, nearly every web application, can make use of secure cloud storage for certificate verification means. What makes SSL MiTM attacks possible, is mostly related to poor certificate management. If there was a way to alleviate the need for the user to be involved in this security decision, then SSL MiTM attacks would be significantly reduced. Continue reading Application Security using Secure Cloud Storage
There has been quite a bit of discussion between myself, Tim Pierson, and others with respect to SSL man-in-the-middle attack possibilities within the virtual environment. But what are the chances that such an attack will happen, or that someone would know how to perform the attack? What does the attack depend upon? Continue reading Virtualization Related SSL MiTM Attack, chances?