Unexpected guests


Certificates and their owners


Thursday, November 30, 2017

When we talked about the certificates that are used to digitally sign software, we also mentioned the following fact:

As a rule, consumer devices are shipped with root certificates installed on them. When a digital signature is processed, the root certificate—the source of the trustworthy information—is verified too.

This guarantees that the certificate used to sign an application didn't appear out of nowhere but was issued by a well-known company. However, some issues exist.

1. The vast majority of certificate authority (CA) companies reside in the USA.

2. Nothing can stop a CA or its partner from issuing a duplicate certificate.

3. Perpetrators can compromise a CA.

Comodo Group's CA (their root certificate is regarded as trustworthy by most browser developers) issued certificates for unknown fraudsters. The certificates pertain to the following domains:

  • mail.google.com, www.google.com
  • login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • login.live.com

https://habrahabr.ru/post/116084

4. Impostors can fake a certificate. Because certificates are trusted by the majority of companies, it’s very lucrative to forge them.

According to WikiLeaks, the CIA forged certificates to give the impression that their software was issued by renowned publishers like Kaspersky Lab.

The three examples of source code published by WikiLeaks let anyone create a fake certificate for Moscow-based anti-virus company Kaspersky Laboratory that is signed by Thawte Premium Server CA, Cape Town.


https://wikileaks.org/vault8

https://www.hackread.com/wikileaks-vault-8-leaks-show-cia-impersonated-kaspersky-lab
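
Issues 2 and 3 above come down to one property of chain validation: it asks only whether some root in the store vouches for a certificate, not which one. The following added example (not from the original article; the CA names, the host name and the idea of comparing against a fingerprint published by the owner are assumptions made for the demo) uses the openssl command line to show a duplicate issued by a second trusted CA passing validation and being flagged only by the fingerprint comparison.

```bash
#!/usr/bin/env bash
# Constructed demo: ca-a, ca-b, ca-x and shop.example.test are made-up names.
set -eu
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

make_ca() {   # $1 = CA name; writes a self-signed root $1.crt with key $1.key
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$work/$1.key" -out "$work/$1.crt" 2>/dev/null
}

issue() {     # $1 = issuing CA, $2 = file name; every leaf names the same host
  openssl req -newkey rsa:2048 -nodes -subj "/CN=shop.example.test" \
    -keyout "$work/$2.key" -out "$work/$2.csr" 2>/dev/null
  openssl x509 -req -in "$work/$2.csr" -days 1 -CAcreateserial \
    -CA "$work/$1.crt" -CAkey "$work/$1.key" -out "$work/$2.crt" 2>/dev/null
}

fingerprint() { openssl x509 -in "$work/$1.crt" -noout -fingerprint -sha256; }

chain_ok() {  # chain validation only: does the leaf lead to a root in the store?
  openssl verify -CAfile "$work/roots.pem" "$work/$1.crt" >/dev/null 2>&1
}

check() {     # $1 = leaf name; prints one of three verdicts
  if ! chain_ok "$1"; then echo "untrusted"
  elif [ "$(fingerprint "$1")" = "$pinned" ]; then echo "trusted+expected"
  else echo "trusted-but-unexpected"; fi
}

make_ca ca-a; make_ca ca-b; make_ca ca-x
cat "$work/ca-a.crt" "$work/ca-b.crt" > "$work/roots.pem"  # root store: ca-x is absent
issue ca-a genuine      # the owner's real certificate
issue ca-b duplicate    # same host name, different trusted CA
issue ca-x rogue        # same host name, CA not in the store
pinned=$(fingerprint genuine)   # fingerprint the owner published (assumption)

for c in genuine duplicate rogue; do echo "$c: $(check "$c")"; done
```

The "rogue" certificate fails because its issuer is not in the store; the "duplicate" fails only the fingerprint comparison, which is why a mis-issuing trusted CA is the harder case to notice.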

#digital_signature

The Anti-virus Times recommends

Blind trust may lead to devastating consequences. "Everybody knows" who actually writes malware: we hear this claim not only at conferences but also from our new employees (they can now see with their own eyes the true makers of all the malware that ever existed!). However, the information published by WikiLeaks exposes the actual authors behind malware.

Cui prodest? ("Whom does it profit?"), they used to ask in ancient times. It is not anti-virus developers who reap the benefits from malware-making activities.
