Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Company selling SSL/TLS man in the middle attack kit

Comments

  • #2
    BaconZombie
    Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    There is a great blog post on TOR about "Living without a CA":

    https://blog.torproject.org/blog/life-without-ca

    Edit:

    RT @security4all: Did you know that the Root CA of the Belgian government is in your certificate store and they could use it for MITM SSL attacks? ;)


  • #3
    probe
    Closed Accounts Posts: 2,055 ✭✭✭probe


    Steve talks about this nasty company that makes its money from selling man in the middle attack appliances. The bottom line is one can’t trust “SSL” certificates because any tin pot dictatorship can use a front company to issue SSL certificates which your browser will accept without warning. “Bongo bongoland” could issue a cert for google.com to enable them to snoop on your gmail using this MITM appliance.

    http://files.cloudprivacy.net/ssl-mitm.pdf

    Netcast (audio only): (the relevant section starts at 58’27”)

    http://www.podtrac.com/pts/redirect.mp3/aolradio.podcast.aol.com/sn/sn0243.mp3

    Video of show:
    http://dts.podtrac.com/redirect.mp4/twit.mediafly.com/video/sn/sn0243/sn0243_h264b_864x480_500.mp4


  • #4
    BaconZombie
    Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    There is an "unknown" Root Cert in Firefox at the moment:

    http://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/b6493a285ba79998/26fca75f9aeff1dc?pli=1



    Kathleen Wilson
    View profile
    More options Apr 2, 6:19 pm
    Newsgroups: mozilla.dev.security.policy
    From: Kathleen Wilson <kathleen95...@yahoo.com>
    Date: Fri, 02 Apr 2010 10:19:35 -0700
    Local: Fri, Apr 2 2010 6:19 pm
    Subject: Recommend Removing RSA Security 1024 V3 root certificate authority
    Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
    All,

    I propose that the "RSA Security 1024 V3" root certificate authority be
    removed from NSS.

    OU = RSA Security 1024 V3
    O = RSA Security Inc
    Valid From: 2/22/01
    Valid To: 2/22/26
    SHA1 Fingerprint:
    3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76

    I have not been able to find the current owner of this root. Both RSA
    and VeriSign have stated in email that they do not own this root.

    Therefore, to my knowledge this root has no current owner and no current
    audit, and should be removed from NSS.


  • #5
    probe
    Closed Accounts Posts: 2,055 ✭✭✭probe


    BaconZombie wrote: »
    There is an "unknown" Root Cert in Firefox at the moment:

    http://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/b6493a285ba79998/26fca75f9aeff1dc?pli=1

    Thanks - I've deleted these unknown root certs from Firefox on my machines. I'm thinking of deleting all Microsoft and Firefox "approved" certificates from my system, and doing my own due diligence on a case by case basis when it comes to accepting a certificate.

    For general info, anyone interested in examining and/or deleting certificates in Firefox : Tools > Options > Advanced > View certificates. Select a cert to examine it or delete it.

    I wouldn't trust Microsoft's certificates with a bargepole - other than for microsoft.com.


Advertisement