CA – PrivaSecTech, Wed, 13 Nov 2019 18:33:32 +0000

Ich Sun is back, claiming the #MostSophisticatedHackOfAllTime
Tue, 06 Sep 2011 19:47:47 +0000

You may have read my comodogate article back in March, where I reported that the comodogate hacker, going by the name Ich Sun, told me “…there is a lot of vulnerable CAs, I got some other stuff”. Well, in the last 24 hours he claims to have been responsible for the DigiNotar compromise, and a few minutes ago he provided another update; in these updates he reveals that, as a 21-year-old Iranian, he has compromised another 4 certificate authorities (CAs) as well as reverse engineered Windows Update (update your Windows here). What do these hacks do? He can impersonate any secure website he wishes, including Google and Gmail, which has already been seen in the wild using these certificates. The certificate authority model that secures the internet as we know it today will change as a result of this, so it has some serious impact.

What can you do?

If you’re on Twitter, I’ve found the most interesting discussion on the topic between Kevin S McArthur, Moxie Marlinspike and Marsh Ray, although it’s fairly technical in nature due to the complexity of this attack. Otherwise, stay tuned here for updates, or ask us your questions.

Upgrade your browser before you check your gmail
Tue, 30 Aug 2011 20:26:48 +0000

There is a wildcard * SSL certificate in the wild, which means malicious people can sit between you and anything at Google (including Gmail) and pretend they are Google, watching everything you do. DigiNotar is the root-level certificate authority (CA) that gave out this certificate. It’s not clear if this was intentional or not, but regardless, this is the internet version of a death sentence for this company. Mozilla and Microsoft have both pulled DigiNotar out of their browsers. A user in Iran has reported it being used on him; it’s not clear if the attack was from his ISP or his government, but you could also be a victim. Make sure you have an upgraded version of your browser before you visit any of Google’s services. You can read the Darknet article for more details.

You should be able to tell you’re safe if you go to DigiNotar’s website and get a certificate error.