Comodo Registration Authority compromised
March 24, 2011 8:05 PM Subscribe
The circumstantial evidence suggests that the attack originated in Iran.
posted by fifteen schnitzengruben is my limit (49 comments total)
20 users marked this as a favorite
Every time you see a little lock icon in your browser and are using HTTPS connections, odds are you're using a site whose certificate was signed by an Certificate Authority like VeriSign
, or Thawte
. This week, SSL certificate provider Comodo announced that one of its accounts had been compromised. The attacker used the account to generate 9 bogus certificates to use for 7 well-known domains
. While the breach was discovered and the certificates were revoked, it does raise questions
about the chain of trust for all SSL certificates.
The sites that the attacker created false IDs for were main internet hubs like Google, Yahoo, Skype, and Live. As Comodo posted in their blog: It does not escape notice that the domains targeted would be of greatest use to a government attempting surveillance of Internet use by dissident groups. The attack comes at a time when many countries in North Africa and the Gulf region are facing popular protests and many commentators have identified the Internet and in particular social networking sites as a major organizing tool for the protests.