Profile of Mike FrattoFormer Network Computing Editor
News & Commentary Posts: 96
Mike Fratto is a principal analyst at Current Analysis, covering the Enterprise Networking and Data Center Technology markets. Prior to that, Mike was with UBM Tech for 15 years, and served as editor of Network Computing. He was also lead analyst for InformationWeek Analytics and executive editor for Secure Enterprise. He has spoken at several conferences including Interop, MISTI, the Internet Security Conference, as well as to local groups. He served as the chair for Interop's datacenter and storage tracks. He also teaches a network security graduate course at Syracuse University. Prior to Network Computing, Mike was an independent consultant.
Articles by Mike Fratto
posted in August 2008
Researchers at Carnegie Mellon University have proposed a system whereby you can ensure that when you attach to a server that uses SSH or a self-signed digital certificate and you haven't verified the authenticity of the host identity beforehand, you aren't subject to a man in the middle attack.
An unknown certificate is a failure in SSL/TLS, and that's how it should be. Ever since Firefox 3 came out, the way it presents SSL-enabled Web sites with self-signed certificates has been called scary and hurtful. Untrusted self-signed certificates should be scary because untrusted self-signed certificates are a failure in SSL/TLS, and a failure in your authen
Why is Cisco equipment counterfeited? Because, according to an FBI presentation, Cisco has market share.
There seems to be a lot of confusion about the relationship between DNS and SSL. Even a slip of the virtual pen, a mistake I recently made, only adds to the problem. The recent DNS forgery issue that Kaminsky talked about in his Black Hat session doesn't break SSL in any way.
Up until Matasano mistakenly let the cat out of the bag about the DNS forgery attack that Dan Kaminsky found, lots of experts were downplaying the problem as old and known. Once the details were released, those same folks agreed, that yes, the problem Kaminsky found was that bad. Since Kaminsky gave his presentation about the DNS vulnerab