Greeners? I understood the words '10 minutes', and others like, 'magic', 'useless'… and stuff. But I must confess, unless some of the technical shinanigans has got words in like 'kittens' and 'fluffy bunnies', it goes over my little wooden head.
Quote from: Riggers on 20 September, 2011, 04:58:08 pmGreeners? I understood the words '10 minutes', and others like, 'magic', 'useless'… and stuff. But I must confess, unless some of the technical shinanigans has got words in like 'kittens' and 'fluffy bunnies', it goes over my little wooden head.It's ok, Riggers. Unless you bear some sort of resemblance to the person below, you cannot be expected to make sense of this stuff:
It can't be used to decrypt an HTTPS session that occurred in the past. It requires a man-in-the-middle attack to inject some javascript into the page in question so that it is executed whilst browsing that site in order to pad the block-chain cipher functions with enough of the right data that it starts spitting out the cookie data encrypted in a less secure way.In the 10 minutes it takes to do its magic most people will have completed the transaction and, hopefully, clicked on the 'logout' button, so the cookie for the Paypal session will be useless.
Summary: don't take any longer than you need.