George Ou

George Ou

Policy Director - Digital Society
Joined on November 16, 2008
Total Post Views: 62,148

About

George Ou is the Policy Director of Digital Society.  He was a Senior Analyst at ITIF.org and before that, he was Technical Director and Editor at Large at ZDNet and wrote one of their most popular blogs “Real World IT“.

Before journalism, Mr. Ou was a network engineer. He built and designed wired network, wireless network, Internet, storage, security, and server infrastructure for various fortune 100 companies. George Ou is also a Certified Informations Systems Security Professional (CISSP) #109250.

Except where otherwise noted, all postings by George Ou on CircleID are licensed under a Creative Commons License.

Featured Blogs

HTTPS Web Hijacking Goes From Theory to Practice

I've been privately talking about the theoretical dangers of HTTPS hacking with the developers of a major web browser since 2006 and earlier last month, I published my warnings about HTTPS web hacking along with a proposed solution. A week later, Google partially implemented some of my recommendations in an early Alpha version of their Chrome 2.0 browser... This week at the Black Hat security conference in Washington DC, Moxie Marlinspike released a tool called SSL Strip... more

The Problem With HTTPS SSL Runs Deeper Than MD5

The recent research highlighting the alarming practice of Secure Socket Layer (SSL) Certificate Authority (CA) vendors using the MD5 hashing algorithm (which was known to be broken since 2005) has shown a major crack in the foundation of the Web. While the latest research has shown that fake SSL certificates with MD5 hashes can be forged to perfection when the CA (such as VeriSign's RapidSSL) uses predictable certificate fields, the bigger problem is that the web has fundamentally botched secure authentication. more