Overclock.net › Forums › Industry News › Software News › [ars]Researchers crack W3C encryption standard for XML
New Posts  All Forums:Forum Nav:

[ars]Researchers crack W3C encryption standard for XML

post #1 of 3
Thread Starter 
Quote:
There's new reason to be leery about relying on Web-based services to handle sensitive data. A pair of German researchers revealed at the ACM Conference on Computer and Communications Security in Chicago this week that they have discovered a way to decrypt data within XML documents that have been encrypted using an implementation of the World Wide Web Consortium's XML Encryption standard.

...It [XML encryption] can be used, for example, to encrypt credit card information for a payment within an XML-based purchase order, so that the general data can be accessed by everyone who needs to have access to it while access to the financial data is limited to the people or systems authorized to process it.

Fixing the vulnerability will require a total rewrite of the W3C standard. "There is no simple patch for this problem,†Somorovsky said in a statement issued by Ruhr University Bochum. “We therefore propose to change the standard as soon as possible.â€
source
post #2 of 3
Ouch.
     
CPUMotherboardGraphicsRAM
Intel Core i5 2500k @ 4ghz Asus P8P67 pro Gigabyte GTX780 12GB Corsair RAM (2/3 vengance, 1/3 XMS3) 
Hard DriveHard DriveHard DriveOptical Drive
500gb Spinpoint f3 Samsung 840 EVO 120gb Seagate 7200.14 2tb Samsung dvd+-rw 
CoolingOSMonitorMonitor
Noctua NH-D14 Windows 7 ultimate x64 LG 24MP55 x2 LG 32LD450 
KeyboardPowerCaseMouse
Dell thing. Corsair TX650 Coolermaster cm690 Logitech G500 
Mouse PadAudioAudio
none Xonar DG and logitech X-540 Beyer DT770 PRO 
CPUMotherboardGraphicsRAM
AMD A6-4455m 2.1ghz Dual Covered in tea stains Radeon 7500G 6GB 
Hard DriveOptical DriveCoolingOS
SSD soon None Inadequate Win7 of course 
MonitorKeyboardCase
It's awful A bit meh, Bodged hinge repair (Nut and bolt through back ... 
CPUMotherboardGraphicsRAM
Celeron M 360 1.4ghz Packard bell easynote (lynx banias) Intel 855gm 768mb 
Hard DriveOptical DriveOSMonitor
50gb seagate Cd dvd combi XP sp3 15 
KeyboardPowerCaseMouse
one with buttons Brick It has one It has leds 
Mouse Pad
my lap or the chair 
  hide details  
Reply
     
CPUMotherboardGraphicsRAM
Intel Core i5 2500k @ 4ghz Asus P8P67 pro Gigabyte GTX780 12GB Corsair RAM (2/3 vengance, 1/3 XMS3) 
Hard DriveHard DriveHard DriveOptical Drive
500gb Spinpoint f3 Samsung 840 EVO 120gb Seagate 7200.14 2tb Samsung dvd+-rw 
CoolingOSMonitorMonitor
Noctua NH-D14 Windows 7 ultimate x64 LG 24MP55 x2 LG 32LD450 
KeyboardPowerCaseMouse
Dell thing. Corsair TX650 Coolermaster cm690 Logitech G500 
Mouse PadAudioAudio
none Xonar DG and logitech X-540 Beyer DT770 PRO 
CPUMotherboardGraphicsRAM
AMD A6-4455m 2.1ghz Dual Covered in tea stains Radeon 7500G 6GB 
Hard DriveOptical DriveCoolingOS
SSD soon None Inadequate Win7 of course 
MonitorKeyboardCase
It's awful A bit meh, Bodged hinge repair (Nut and bolt through back ... 
CPUMotherboardGraphicsRAM
Celeron M 360 1.4ghz Packard bell easynote (lynx banias) Intel 855gm 768mb 
Hard DriveOptical DriveOSMonitor
50gb seagate Cd dvd combi XP sp3 15 
KeyboardPowerCaseMouse
one with buttons Brick It has one It has leds 
Mouse Pad
my lap or the chair 
  hide details  
Reply
post #3 of 3
If its online or can be accessed from online its never going to be secure. The odds of having a wave of hackers take it is better than a small army kicking in your door for it

Main reason I trust nothing online, even my basic newegg buys are in a paypal account with a bank account with zero funds till I actually want to buy something. Can't even trust Paypal to stay out of your bank account ~_~
    
CPUMotherboardGraphicsRAM
Q6600 GIGABYTE GA-EP45-UD3R (rev. 1.0) XFX GTX 260 868mb 192 Core 2x2GB G-skill PC6400 DDR2 800 
Hard DriveOSMonitorKeyboard
Western Digital Caviar Black WD5001AALS Windows 7 x64 1680x1050 Acer X223w 22" Logitech G11 
PowerCaseMouseMouse Pad
TX750w Corsair PSU Antec 900 Logitec MX-518 WoW Catclysm 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Q6600 GIGABYTE GA-EP45-UD3R (rev. 1.0) XFX GTX 260 868mb 192 Core 2x2GB G-skill PC6400 DDR2 800 
Hard DriveOSMonitorKeyboard
Western Digital Caviar Black WD5001AALS Windows 7 x64 1680x1050 Acer X223w 22" Logitech G11 
PowerCaseMouseMouse Pad
TX750w Corsair PSU Antec 900 Logitec MX-518 WoW Catclysm 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [ars]Researchers crack W3C encryption standard for XML