What is HTTPS Bicycle Attack?
For an HTTPS Bicycle Attack to be successful, a few prerequisites need to be satisfied.
After a simple subtraction, an attacker would then be in the possession of the users password length.
The password length will allow the hacker to brute-force into any web account.
Vranken has also published details of mitigation against the HTTPS Bicycle Attack.
To protect against HTTPS Bicycle attacks, Vranken recommends that webmasters should turn off support for TLS stream-ciphers.
source: www.techworm.net
