September 6, 2011 | Digital Security

locks

This is a little technical, but it affects your ability to access secure sites without anybody seeing what you’re doing.

DigiNotar, a Dutch provider of SSL certificates, has been hacked, and hacked well and good. The hackers then created rogue SSL certificates, which can be used to impersonate actual, well-known websites, like google.com.

The total number of compromised domains is now an amazing 531 (yes, five hundred thirty-one). That includes Facebook, Yahoo!, Microsoft, Skype, Twitter, Tor, WordPress, the CIA, Mossad, MI6, and others. The Dutch government also said it couldn’t guarantee the security of its own government sites.

What to do about it

There’s something built into the secure certificates system which is supposed to mitigate the harm done in situations like this: certificate revocation. When a certificate authority (an issuer of SSL certificates) finds out that its certs have been compromised, it can issue a revocation notice.

Browsers are supposed to check for such notices before using a certificate. (In Google Chrome, there’s an option “Check for revocations”.) Theoretically, all should be fine, since DigiNotar has revoked the certificate.

But browser distributors have also done some updates of their own so that users of the latest browser versions will get a warning if they try to visit a site signed with a DigiNotar certificate.

So be sure you’re using the latest browser version.

Resources

Slashdot
Net Security
Nine News
Wikipedia has a good overview


If you liked this article

If you liked this article, don’t forget to subscribe for updates!

Subscribe to New Articles by RSS or E-mail

Get updates by RSS (What’s RSS?)

Subscribe by email:

Follow me on Twitter


Top Incoming Search Terms

"leave a reply" site:http://digitivity.org/ browser certificate hacked browser security certicicates hacked browser ssl hacked can ssl be hacked certificate hack certificate hack iphones chrome browser certificate revokation digi certificates hacks digi notar digi notar certificate digi notar certificate hack digi ssl hacked diginotar certificate test your browser diginotar hack how diginotar hack iphone diginotar revocation diginotar revokation diginotar security browse java diginotar ssl hack browser security diginotar ssl iphone digit notar security compromised does chrome browser have certification revocation? google digi hack how to hack browser security info:http://digitivity.org iphone diginotar iphone ssl hack iphone ssl hacking java diginotar notar digi notar hack notar hacks plastic surgery pittsburgh security ssl hacked site:digitivity.org/ ssl certificate crack browser ssl hack browser 2011 ssl hack chrome ssl hack google ssl hacks ssl security hacked what is digi notar

Related posts:

  1. Google Releases Skipfish Automatic Website Security Scanning Tool Google released a free website scanning tool called Skipfish. Skipfish...
  2. Google Chrome Browser Third Place Behind Internet Explorer and Firefox A new survey is showing that Google’s Chrome browser is...
  3. TechCrunch Blog Gets Hacked Again & WordPress Security The technology blog, TechCrunch--which runs on WordPress, was hacked for...
  4. How to Play a Quicktime Movie That Isn’t Playing in Your Browser Even though Flash FLV movies have become something of an...
  5. Creating a Database in MySQL with MySQL Query Browser on Ubuntu Linux A handy tool to manipulate MySQL is the MySQL MySQL...

Explore related content: , , , , , ,

8 Responses to “DigiNotar SSL Hack Threatens Browser Security”

  1. Howdy! This article could not be written any better! Looking through this article reminds me of my previous roommate! He continually kept preaching about this. I most certainly will send this article to him. Fairly certain he will have a very good read. Thanks for sharing!

  2. Excellent read, I just passed this onto a friend who was doing some research on that. And he in fact bought me lunch since I discovered it for him smile So let me rephrase that: Thank you for lunch!

  3. Nice post. I was checking continuously this site and I’m impressed! Extremely useful info specifically the last part I care for such info much. I was looking for this particular info for a long time. Thank you and best of luck.

  4. dobre gierki says:

    I am glad to be a visitor of this gross website! , thanks for this rare info ! .

  5. I like this website very much, Its a real nice place to read and obtain information. “From now on, ending a sentence with a preposition is something up with which I will not put.” by Sir Winston Churchill.

  6. Fantastic post, you might have pointed out some excellent points, I besides believe this really is a very amazing website.

  7. This was a seriously quite very good submit. In theory I’d prefer to publish like this also getting time and actual effort to make a great piece of writing but what can I say I procrastinate alot and by no means appear to obtain something done.

  8. This internet internet site is my breathing in, actually very good layout and perfect content .

Leave a Reply

CommentLuv Enabled