By now we all know that you should not buy a product unless you see the little lock in your browser. The lock symbolizes that they are using an SSL Certificate which encrypts the page with 128 bit encryption. This has been in place for a long time and everyone online has come to trust it.

This is no longer the case.

Just before the new year it was exposed that SSL and MD5 were both cracked. That means we can no longer trust every site that has SSL.

Netcraft’s SSL Survey shows that 14% of valid third party SSL certificates have been issued using MD5 signatures . an algorithm that has recently been demonstrated to be vulnerable to attack by producing a fake certificate authority certificate signed by a widely-trusted third party certificate authority.

The researchers achieved this by producing a hash collision . they submitted valid certificate requests to a certificate authority (CA), while producing a second certificate that had the same signature but entirely different details. When the CA signed the valid certificate, the signature applied also to the invalid certificate, allowing the researchers to spoof any secure website that they liked. This attack is the first practical use against SSL of already-known attacks against the MD5 checksum algorithm.

How can I check if my SSL or the site I am using SSL is susceptible?

Double click the lock icon and look for the Signature Algorithm. If it says MD5 your SSL is not secure. If it says anything else you should be ok.

Here is what it looks like in IE…

and here in FireFox…

If you come across any SSL with MD5 then let them know about his post.

Note – All SSL’s sold by BlueFur.com do not use the MD5 so there is no need to worry if you purchased one from us.

Brrr. Now that we are in the dead of winter, it can get pretty cold out there. You may already have your scarf and winter coat ready to go, but what about those fingers of yours that are about to get frozen? The people at Budget Gadgets have just the right solution and it ties in with your geeky inclinations.

These USB-powered gloves plug into an available USB port on your computer, warming up the cotton gloves until they are nice and toasty. At that point, you can disconnect the USB cable, remove the warming pads, and slip on a pair of extra warm gloves. In this way, you won’t have to worry about venturing into that blizzard with fingers that will turn into icicles.

At the same time, these finger-less gloves can also be converted into mittens using the integrated flap. There is also a small hole in the thumb portion, in case you want that digit to breathe (or to interact with your iPhone). Yes, the design depicted here probably isn’t the most masculine option, but Budget Gadgets has a new version with some more manly color schemes now. Prices decrease with volume, starting at $6.18 each.

A recent edition of Dot Com Pho features these USB gloves, so watch the video to see them in action.

Congratulations to this weeks geek Marilyn. This weeks questions are…

1. What year was Batman first seen in comics?

2. What is Batman’s alter ego name?

3. Who are Batman’s side kicks?

4. What super villain once broke Batman’s back, leaving him crippled and wheelchair-bound?

5. What were the names of Bruce Wayne’s parents?

We have posted a lot on how to use twitter, why you should use twitter but never really explained how you can right now go out and make money with twitter.

This weekend you can follow these instructions to earn money using twitter…

If you do not have twitter already then step one will be to sign-up. In the past I have suggested you use twhirl but for making money hands down TweetDeck is going to work better.

So in the past I have suggested you start following people you found interesting. I still suggest you do that but to make money skip that step for now. Open up TweetDeck and click on the Search button. Type in what you want to search and click ok. This will open a new column with the results. Start scanning the results an reply to people. Let the sales game begin.

Wait so how do you make money?
Well this depends where your skills are. If your a programmer I suggest you search for the words “help script”  or if you are a writer you should try “help writing”. There are people out there on twitter right now that need your help. So get on board and start earning money.

If you get stuck leave a note in the comments or catch me on twitter.

This week on twitter I asked, short domain name or long dot com domain. Which would you buy when starting a site?

Here is what was said…

ColleenCoplick @bluefur short, but the .com whenever and wherever possible. Depends on the property for me personally.
trishussey @bluefur short. I try to keep two words max.
danudey @bluefur Short name. Something easy to remember and type, vs. something long that risks more typos or people forgetting.
brandingdavid @bluefur The shorter the better, but .com is the best for ease of marketing because .com is implied with most names.
raincoaster @bluefur Short domain name. One word is easy to remember. More is geometrically more complicated.
mercerch @bluefur How about memorable dot com domain.
avalonmel @bluefur If a short .ca is available I’d take that. Otherwise I’d go for a longer .com
jeremylatham @bluefur Memorable longer .com or short .ca (if it’s for a CDN audience)
leopardshoes @bluefur This is tough- been there, everything is taken it seems. I’d still lean toward .com as it’s what’s assumed by most. Make it easy

So what would you choose?

Are you suffering from the wintertime blues? Are you dying to get a little sun on your cheeks, casting that giant parka aside so you don’t have to brave the cold weather anymore? Maybe you need to do a little traveling to warmer climes. Let’s see where other bloggers are visiting this time of year.

Darren Barefoot probably spends more time at the airport than he would like to spend, but at least it is becoming increasingly easier to find outlets in airports these days. While traveling, you probably need to charge your laptop and cell phone, so finding an available power outlet is of paramount importance.

Zac Johnson made his way over to Las Vegas for Affiliate Summit West. Along with the Meet Market and various networking opportunities, Zac was also there as part of the Future of Advertising on Facebook panel, alongside such notable names as Alex Shultz and Shoemoney.

Bob Buskirk was also over in Sin City last week, but he wasn’t there for ASW. He was in Las Vegas for CES. A veteran of the Las Vegas Strip now, Bob knows how to catch the monorail and navigate his way through the labyrinth-like hotels and casinos. Too bad he stayed at Bob’s Gambling Hall. He could have stayed at the Encore by Wynn for about the same price.

Mostly Lisa kept it techie with her recent travels, but she decided to hit up San Francisco for MacWorld 2009. She loves her Apple products, so that made a little more sense, even if Steve Jobs wasn’t there for the keynote address. I hear San Fran is a great town to visit.

Michael Yurechko stayed at home in Vancouver, but he’s decided to go on a little holiday of his own. It’s not a stay-cation, per se, but he is taking a Twitter break. Twitter takes up so much of his time and, well, it’s about time he try to be a little more productive.