ehMac.ca

ehMac.ca (http://www.ehmac.ca/index.php)
-   Anything Mac (http://www.ehmac.ca/forumdisplay.php?f=5)
-   -   Hack Obtains 9 Bogus Certificates for Prominent Websites (http://www.ehmac.ca/showthread.php?t=94015)

krs Mar 29th, 2011 01:43 PM

Hack Obtains 9 Bogus Certificates for Prominent Websites
 
Not Mac specific but it could definitely affect Mac users:

Hack Obtains 9 Bogus Certificates for Prominent Websites; Traced to Iran | Threat Level | Wired.com

CanadaRAM Mar 29th, 2011 01:50 PM

Quote:

Originally Posted by krs (Post 1078240)

The article states that Comodo revoked the certificates "within hours"
Which presumably means that this particular hack should affect nobody now, but may theoretically have during the period it was undetected.

krs Mar 29th, 2011 02:20 PM

True enough -

What bothers me is that Comodo was unaware of the problem and only found out when another agency pointed it out to them.
I suppose there is no 100% security against hackers but one would hope that a site like Comodo should have at least a means to detect when it had been compromised.

Atroz Mar 29th, 2011 10:44 PM

Quote:

Originally Posted by CanadaRAM (Post 1078243)
The article states that Comodo revoked the certificates "within hours"
Which presumably means that this particular hack should affect nobody now, but may theoretically have during the period it was undetected.

Actually, you need to make sure that your browser actually checks for revoked certificates. If not, your browser will still be tricked.

See here for Safari configuration: The Mac Security Blog Protect Safari from Fraudulent Digital Certificates

krs Mar 29th, 2011 11:09 PM

Quote:

Originally Posted by Atroz (Post 1078522)

Thanks, the check on Safari was turned off for me - I assume that is the default.


All times are GMT -4. The time now is 03:55 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Content Relevant URLs by vBSEO 3.6.0 RC 2
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 1999 - 2012, ehMac.ca All rights reserved. ehMac is not affiliated with Apple Inc. Mac, iPod, iTunes, iPhone, Apple TV are trademarks of Apple Inc.