View Single Post
  #1  
Old 31st May 08, 02:01 AM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 31,559
NewsBot will become famous soon enough
Students crack Microsoft CardSpace
Students at the Ruhr University of Bochum, Germany, say they have found a way to steal security tokens in Microsoft's new CardSpace authentication framework. Attackers can apparently get access to protected, encrypted user data – such as passwords, credit card numbers, and delivery addresses – when they are transmitted. CardSpace (formerly InfoCard) is the successor to Passport. In both architectures, users' personal data are stored locally on the user's system.

Depending on the web site, users can decide which data they want to transmit. CardSpace is designed to make classic passwords a thing of the past, by replacing them with digital certificates that may be self-signed or signed by an authoritative CA such as Verisign.

Link: heise.de

Read full story...



More...
Reply With Quote