Appliance subverts SSL encrypted sessions

A device marketed by a company called Packet Forensics enables law enforcement agencies to execute a classic man-in-the-middle attack on SSL sessions using forged keys. This effectively gives them unencrypted access to all data within the session that the client and server thinks is secured.

It would appear that your SSL session may no longer be as secure as you think it is. Interesting times indeed.

Click the link above for the full story on Wired.