E-Commerce in crisis: when SSL isn't safe
"It's not a problem of authentication but one of transactional authorization," says Bruce Schneier, leading security expert and CTO of Counterpane Internet Security. "No matter how hard you make the initial authentication for the end-user or hacker, the malware can just wait until the authentication is done and then manipulate the transaction."
At CIO Today.
[ Read more ]