New SSL attack revealed at Black Hat
A new SSL attack has been revealed at the Black Hat conference, as described here. This new attack is the latest twist on the venerable man-in-the-middle (MITM) attack. MITM depends on a user being fooled into going to the wrong Web site, and common techniques for doing so include phishing e-mails, false wireless hotspots, and most recently poisoning of insecure DNS servers. What makes this attack different from previous MITM attacks is that it can cause an SSL lock icon to appear in the browser. Online criminals have been using low-authentication SSL Certificates in phishing attacks at least since 2005, so it doesn't seem like this innovation meaningfully compromises the end user's security.
The best way to combat the full set of MITM and phishing attacks in the wild today is through Extended Validation (EV) SSL Certificates. EV SSL Certificates definitively confirm the identity of the organization that owns the site you're visiting. Online criminals do not have access to EV SSL Certificates for the sites they're counterfeiting, and therefore this attack and its brethren won't simulate EV SSL. This attack highlights how important it is for site operators to migrate to EV SSL and for end consumers to demand that they see a green address bar before putting in any confidential information, including logins.