Free Online
Password Manager
Save and share logins and private data. Autologin and secure access anywhere. www.passpack.com

Security FAQ

Is aSSL secure as SSL?

No. SSL is secure because it is a technology implemented at browser level so that when an HTTPS connection has been established, the browser checks the SSL Certificate before continuing.

Suppose that a hacker were to attack you with a man-in-the-middle (MiTM) attack. With an SSL connection, the attack would be successful only should the user click Ok when the browser alerts him saying that the certificate doesn't correspond to the connected server (the alert may also appear if some file is transferred over HTTP instead of HTTPS because in this file a hacker could inject malicious code).

Uhm... is aSSL secure?

If a hacker were to attack you with a MiTM attack during an aSSL connection, he could be successful. But MiTM attacks require great skill and a lot of organization. They are rare and a hacker would only be worth while to the hacker if he has a lot to gain for is efforts.

aSSL is designed for non-critical sites as chats, blogs, etc. where the potential payoff for hackers would be low, and therefore they would not be targeted by such attacks.

Password sniffing is much more diffuse because it is much easier. In fact, there are specific softwares that sniff the traffic, recognizes userid and passwords, and register them.

aSSL protects against these sniffers. When a server exchanges account information in clear HTTP, a sniffer can simply intercept all the data, but if the server exchanges the data via aSSL it is not possible to decode the passed data and so the level of security of the site is notably better.

 

Green

(c) 2006+ Francesco Sullo - Rome, Italy

 

Green