Articles and How To's

Google, Yahoo!, Skype hacked 

It appears as if the Iranian government managed to obtain secure digital certificates that can be used to impersonate Google, Yahoo, Skype, and other major Web sites, said a security company affected by the breach today.
The New Jersey based firm that issues digital certificates Comodo said that nine certificates were fraudulently obtained, including one for Microsoft's, but the certificates have since been revoked.
The IP addresses used in the attack have been found to be coming directly from Tehran, Iran. Spoofing web sites would allow the Iranian government to use what is known as a “man-in-the-middle attack” and impersonate the legitimate sites, as well as get passwords, read e-mail, and monitor any other network-based actions, even if the connections were protected with SSL.
"Spoofing" only works if the unknown perpetrators also operated the network, allowing them to use the Internet's DNS to redirect users to a fake site. That wouldn't be a problem for a national government such as Iran, which controls the telecommunications infrastructure, but also means that the impact of such a security breach is limited.
Many major browser makers already have revoked the fraudulent SSL certificates. Mozilla said last night, "We have updated Firefox 4.0, 3.6, and 3.5 to recognize these certificates and block them automatically." Google Chrome has been updated, and Microsoft said in a security advisory that they were contacted by Comodo on March 16th and "an update is available for all supported versions of Windows to help address this issue."
"This issue affects any application or service utilizing SSL certificates that attempts to access one of the Web sites with fraudulent keys. We decided to take a holistic approach to protecting users," said Bruce Cowper, group manager for Trustworthy Computing at Microsoft, in an e-mail. "We built a mitigation into Microsoft Windows so that any application or version of Internet Explorer could leverage it for protection."
Apple did not immediately respond to a request for comment.

[ add comment ] ( 153 views ) [ 0 trackbacks ] permalink ( 2.9 / 227 )

<Back | 1 | 2 | 3 | 4 | 5 | 6 | 7 | Next> >>