Interesting write up on The Register about a new SSL attack which could allow a man-in-the-middle to impersonate any SSL site by name. Apparently, FireFox 3.5 is the only (current) browser that can detect the malware SSL certificate ... maybe a good idea to temporarily ditch Safari until Apple updates it, in about a year's time.