Ok, so I am not one of this security gurus. But since i develop software and also work a lot with the Microsoft dotnet Code Access Security (CAS) I’m always interested in funny security stuff. A friend of mine sent me an email. Of a University of Applied Science somewhere in Germany. They did a new Network Tutorial for students to connect with the Mail and Intranet. On page 7 you can read the following:
So what that means is, that the Browser can’t evaluate the Certificate. The solution for this problem is to continue anyway, or look closer to the certificate because the signing authority is the university it self. Therefore it’s trusted. So this is a daily WTF for me. It’s almost 2 Lines of code to create that certificate. What is the idea of this? Safe money for a trustworthy certificate? Safe time to create a free trustworthy certificate? The result is a secure communication which is as safe as writing down the pin of your credit card on it’s back. Yes, they really know what they're doing. NOT! Best thing about this story is, they offer courses like Bachelor of Computer Science and Business as well as Bachelor of Art in Computer Communications. Since we all know that Art is a very subjective thing, i agree with there decision.
No comments:
Post a Comment