Your browser is obsolete!

The page may not load correctly.

Unexpected guests

Незваные гости

Other issues in this category (48)
  • add to favourites
    Add to Bookmarks

Certificates and their owners

Read: 286 Comments: 0 Rating: 5

When we talked about the certificates that are used to digitally sign software, we also mentioned the following fact:

As a rule, consumer devices are shipped with root certificates installed on them. When a digital signature is processed, the root certificate—the source of the trustworthy information—is verified too.

This guarantees that the certificate used to sign an application didn't appear out of nowhere but was issued by a well-known company. However, some issues exist.

1. The vast majority of certificate authority (CA) companies reside in the USA.

2. Nothing can stop a CA or its partner from issuing a duplicate certificate.

3. Perpetrators can compromise a CA.

Comodo Group's CA (their root certificate is regarded as trustworthy by most browser developers) issued certificates for unknown fraudsters. The certificates pertain to the following domains:

  • mail.google.com, www.google.com
  • login.yahoo.com (3шт)
  • login.skype.com
  • addons.mozilla.org
  • login.live.com

https://habrahabr.ru/post/116084

4. Impostors can fake a certificate. Because certificates are trusted by the majority of companies, it’s very lucrative to forge them.

According to WikiLeaks, the CIA forged certificates to give the impression that their software was issued by renowned publishers like Kaspersky Lab.

The three examples of source code published by WikiLeaks let anyone create a fake certificate for Moscow-based anti-virus company Kaspersky Laboratory that is signed by Thawte Premium Server CA, Cape Town.

#drweb

https://wikileaks.org/vault8

https://www.hackread.com/wikileaks-vault-8-leaks-show-cia-impersonated-kaspersky-lab

#digital_signature

Dr.Web recommends

Blind trust may lead to devastating consequences. "Everybody knows" who actually writes malware—we hear this question not only at conferences but also from our new employees (they can now see with their own eyes the true makers of all the malware that ever existed!). However, the WikiLeaks-published information exposes the actual authors behind malware.

Cui prodest? (“Whom does it profit?), they used to ask in ancient times. It is not anti-virus developers who reap the benefits from malware-making activities.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.