Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 28 Nov 2014, 14:14
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Fake security certificates done by hackers
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [14 Posts]  
Author Message
8-bit


Joined: 03 Apr 2007
Posts: 3393
Location: Oregon

PostPosted: Tue 06 Sep 2011, 00:59    Post subject:  Fake security certificates done by hackers
Subject description: Are we at risk?
 

Some hackers have found a way to place fake security certificates on sites we use.
The article can be found here.

It makes me wonder if I am in danger of having data or passwords hacked.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Tue 06 Sep 2011, 01:27    Post subject:  

Quote:
Gervase Markham, a Mozilla developer who has been involved in the response to the DigiNotar failure, warned Iranian internet users on Monday to update their browsers, "log out of and back into every email and social media service you have" and change all passwords.


What part of Iran is Oregon in?

Cold war over.
Cyber war is all the rage.

This advice will please my team of carrier pigeons
Quote:
He advised users who wanted to be certain of secure communication with the government to return to using pen and paper.


Don't frighten Nooby unnecessarily
I already set up the 'paranoia for beginners' thread for a bit of voluntary fear quaking . . .
http://www.murga-linux.com/puppy/viewtopic.php?p=398158#398158

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
8-bit


Joined: 03 Apr 2007
Posts: 3393
Location: Oregon

PostPosted: Tue 06 Sep 2011, 01:52    Post subject:  

If you read between the lines, and are a bit paranoid, you could assume the hackers did not stop with just their own country of Iran.

It is what they don't tell you that can hurt.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 06 Sep 2011, 05:14    Post subject:  

Quote:
in a statement Monday, the Dutch Justice Ministry published a list of the fraudulent certificates that greatly expands the scope of the July hacking attack that DigiNotar first acknowledged last week.

The list includes sites operated by Yahoo, Facebook, Microsoft, Google, Skype, AOL, Mozilla, TorProject, and WordPress, as well as spy agencies including the CIA, Israel's Mossad and Britain's MI6.

DigiNotar is one of many companies which sell the security certificates widely used to authenticate websites and guarantee that communications between a user's browser and a website are secure.


I hope those who care for internet security then try to do something about it?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 3524
Location: West Lothian, Scotland, UK

PostPosted: Tue 06 Sep 2011, 06:01    Post subject:  

8-bit wrote:
It is what they don't tell you that can hurt.

Quite so!

I've seen it said that "the greatest victories are those no-one knows about". Sad

OK for the victor; what about the vanquished?

When there are winners, others must lose.

Do we really need "winners and losers"?

The "System" tells us we do.
Back to top
View user's profile Send private message 
russoodle


Joined: 12 Sep 2008
Posts: 667
Location: Down-Under in South Oz

PostPosted: Tue 06 Sep 2011, 08:22    Post subject:  

Am i missing something? Posted 31st December, 1969??

Confused
cbc-news-hacking.jpg
 Description   Check out the "Posted" date here.
 Filesize   290.11 KB
 Viewed   330 Time(s)

cbc-news-hacking.jpg


_________________
This aging business really bugs me - it didn't bother me years ago, so why is it happening now??
meownplanet - puppylinuxstuff
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 06 Sep 2011, 08:35    Post subject:  

Yes but them care about us so them updated it yesterday to make it more up to date as we say in Sweden. Smile
_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
russoodle


Joined: 12 Sep 2008
Posts: 667
Location: Down-Under in South Oz

PostPosted: Tue 06 Sep 2011, 08:53    Post subject:  

nooby wrote:
Yes but them care about us so them updated it yesterday to make it more up to date as we say in Sweden. Smile

It's all too much for my tiny mind, Noob...this all happened back in 1969 and i'm only catching up now because the article's been updated..? Shocked

There must be a dirty word or two in there somewhere, so i'm going to go wash my mouth out with chocolate Very Happy

_________________
This aging business really bugs me - it didn't bother me years ago, so why is it happening now??
meownplanet - puppylinuxstuff
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 06 Sep 2011, 10:38    Post subject:  

I trust them wrote the wrong date there. Iran did not have such hackers back in 1969. Smile
_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3393
Location: Oregon

PostPosted: Tue 06 Sep 2011, 13:10    Post subject:  

The link I gave was found by doing a quick search on the web.
It is not the original article that was part of google news.
That article was done by someone else.
But as more people start using linux, hackers will target it also.

I do not think there is a safe place to protect your data.
Some say put it on paper.
Then I guess you get a shotgun and stand alert for break in attempts by burglers.
Barry can tell you about having data in your own home getting stolen.

With banking transactions, some say not to use the computer and do your transactions at the bank.
The problem with that, is that they use a computer to record your transactions and a hack of that banking division would lay bare your banking data.

So you do the best you can to protect your data and hope it stays safe.
EDIT:
For your information go to http://bkhome.org/blog/?viewDetailed=02465 and read the comment by Jota.
It appears that a bug fix update of SeaMonkey has been released that takes care of the fake security certificates.
Back to top
View user's profile Send private message 
pemasu


Joined: 08 Jul 2009
Posts: 5465
Location: Finland

PostPosted: Tue 06 Sep 2011, 17:44    Post subject:  

http://blog.trendmicro.com/diginotar-iranians-the-real-target/
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3393
Location: Oregon

PostPosted: Tue 06 Sep 2011, 19:36    Post subject:  

But did you know that diginotar's parent company is located in Chicago in the good old USA?
Also, it seems some hacker is pissed off and threatening to distribute fake security certificates to other sites and possibly in other countries.

Firefox, SeaMonkey, Opera, Google Chrome, and IE have all distrubuted updates to address this. So it has the possibility of not being confined to just one country.

Apple's Safari browser evidently has not got an update yet.
Also, AVG Internet Security has updated pertaining to this.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 07 Sep 2011, 04:08    Post subject:  

One would need to know then what version of FireFox that will get the more protecting patch them make?

Why does one need certificates? oh sorry I guess it is https and the s means secure and to make it secure them use a Certificate that it is secure?

So in what other way can one know if it is a man in the middle thing one have been victim of?

Would it help to know the number of the site and not use DNS at all. One always looks up on the HDD what real number google Gmail has and that way one are ones own DNS and don't rely on any Certification?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 08 Sep 2011, 03:42    Post subject:  

How does one know which SSL certificate one have?

I have always used this to go into my webmail for google

mail.google.com or www.google.com/mail and both of them worked.

Now gmail at google has suddenly changed to

accounts.google.com/ and the passwords that firefox has saved does not get activated due to the changed first word there.

Could that be a man in the middle something?


read here
http://nakedsecurity.sophos.com/2011/08/29/falsely-issued-google-ssl-certificate-in-the-wild-for-more-than-5-weeks/
Quote:
Update 2: Google is following Mozilla's lead by marking DigiNotar untrusted in the next release of the Chrome OS (Chromium).

Original post: Reports surfaced this morning that accuse the government of Iran with trying to perform a man-in-the-middle attack against Google's SSL services. ...
The certificate in question was issued on July 10th by Dutch SSL certificate authority DigiNotar. DigiNotar revoked the certificate today at 16:59:03 GMT, but many browsers do not check for revoked certificates by default. ...



So I need to learn more about this "many browsers do not check for revoked certificates by default. ..."

Does my FF do that? I have no idea!

next text.
Quote:
Last March ComodoHacker claimed responsibility for the first attack against a certificate authority that resulted in bogus SSL certificates being issued in the wild.

In addition to claiming his attacks are far more sophisticated than Stuxnet and distancing himself from the Iranian government, he also claims to have compromised four other certificate authorities, including GlobalSign.

GlobalSign logoGlobalSign, the fifth largest certificate issuer according to NetCraft, responded to this news by immediately ceasing any further signing of certificates while they investigate.

Their response is interesting. While we don't know if they have been compromised (and arguably, neither do they) they are making a tough choice that is what we should expect from organizations whose business models rely on trust.
from here
http://nakedsecurity.sophos.com/2011/09/07/globalsign-stops-issuing-ssl-certificates-in-response-to-iranian-hacker/

revoking one can read about here
http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/
Quote:
Comodo has already revoked the 9 fraudulent certificates. The revoked certificate serial numbers are published in Comodo's Certificate Revocation List (CRL), which can be manually imported and consumed on most platforms; on Windows via certmgr.msc, on OSX via KeyChain, or directly into some browsers, like Firefox.

Enabling certificate revocation checking in your browser is also advisable, not only for this particular issue, but to benefit from past and future revocation information as well.


so how do I do such things?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [14 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0931s ][ Queries: 13 (0.0115s) ][ GZIP on ]