lovinglinux
August 30th, 2011, 05:15 PM
http://www.conceivablytech.com/9157/products/iran-may-have-acquired-google-ssl-certificates-prompts-browser-security-alerts
Chrome was reportedly able to detect the fraudulent certificate with a recent security update in its browser and confirm the vulnerability. Google then informed Mozilla and Microsoft, which both issued security updates for their products. Mozilla revoked the certificate, but said that the extent of the problem is not clear and has therefore published “new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly that will revoke trust in the DigiNotar root and protect users from this attack.”
Users are urged to update their browsers.
Deleting the DigiNotar CA certificate (http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert)
http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/
Issue
Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc. This is not a Firefox-specific issue, and the certificate has now been revoked by its issuer, DigiNotar. This should protect most users.
Impact to users
Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild.
Status
Because the extent of the mis-issuance is not clear, we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly that will revoke trust in the DigiNotar root and protect users from this attack. We encourage all users to keep their software up-to-date by regularly applying security updates. Users can also manually disable the DigiNotar root through the Firefox preferences.
Credit
This issue was reported to us by Google, Inc.
http://weblogs.mozillazine.org/gerv/archives/2011/08/diginotar_compromise_webmaster_notificat.html
A Dutch CA called DigiNotar (http://diginotar.nl/) has suffered a security breach. Mozilla is removing trust from their root certificate (http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/) - we hope to release updates today. We have used the EFF SSL Observatory (https://www.eff.org/observatory) data to make a list of affected websites (those whose certificates chain up to the DigiNotar root[0]). We want to warn the webmasters of these sites that they need to get new certificates ASAP. And that's where we use the power of the community :-)
If you can read Dutch, we would appreciate your help. There is a Google Docs spreadsheet (https://docs.google.com/spreadsheet/ccc?pli=1&key=0AtLNtYDDyKsudG1lc2xmRDZRNTBkdXR1M0gzelZ3MkE&hl=en_GB#gid=0) with the list of affected sites and instructions on how to find the webmaster email or contact form and warn them, using a letter we have written. The more warning they get, the less disrupted the Dutch SSL internet will be. Please head over there and help out :-) Thanks!
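An added illustration, not part of lovinglinux's post or of the Mozilla text quoted above: the webmaster list Gerv describes was built by picking out certificates that chain up to the DigiNotar root. The script below does the same check locally for a PEM chain file using openssl. It generates its own throwaway CA named like the distrusted root (and an unrelated CA for comparison), so no real DigiNotar certificate is involved; the subject names, the $WORK directory and the function names are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: flag a PEM certificate chain whose subject or issuer names a
# distrusted CA (here: anything matching "DigiNotar"). All certificates below
# are CONSTRUCTED with openssl for the demo; they are not real DigiNotar certs.

# make_chain OUT CA_SUBJECT LEAF_CN
# Builds a self-signed CA with the given subject, a leaf it signs, and writes
# "leaf + CA" to OUT in the order a server would send them.
make_chain() {
  dir=$(mktemp -d)
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -keyout "$dir/ca.key" -out "$dir/ca.pem" -subj "$2" >/dev/null 2>&1
  openssl req -newkey rsa:2048 -nodes \
    -keyout "$dir/leaf.key" -out "$dir/leaf.csr" -subj "/CN=$3" >/dev/null 2>&1
  openssl x509 -req -days 1 -in "$dir/leaf.csr" \
    -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
    -out "$dir/leaf.pem" >/dev/null 2>&1
  cat "$dir/leaf.pem" "$dir/ca.pem" > "$1"
  rm -rf "$dir"
}

# chain_names CHAIN.pem
# Prints one "subject=..." and one "issuer=..." line per certificate in the
# bundle (the crl2pkcs7 | pkcs7 -print_certs idiom handles multi-cert PEM).
chain_names() {
  openssl crl2pkcs7 -nocrl -certfile "$1" | openssl pkcs7 -print_certs -noout
}

# chain_hits_distrusted_root CHAIN.pem PATTERN
# Returns 0 (true) if any subject or issuer in the chain matches PATTERN
# case-insensitively, 1 otherwise. A match on an *issuer* line is what
# identifies a site that was signed under the distrusted root.
chain_hits_distrusted_root() {
  chain_names "$1" | grep -qi "$2"
}

# --- demo: one chain under a look-alike DigiNotar root, one under another CA
WORK=$(mktemp -d)
DISTRUSTED="DigiNotar"
make_chain "$WORK/affected.pem" "/C=NL/O=DigiNotar/CN=DigiNotar Root CA" "www.example.nl"
make_chain "$WORK/clean.pem"    "/C=NL/O=Example Trust/CN=Example Trust Root" "www.example.nl"

for f in "$WORK/affected.pem" "$WORK/clean.pem"; do
  if chain_hits_distrusted_root "$f" "$DISTRUSTED"; then
    echo "$f: chains to $DISTRUSTED, replace the certificate"
  else
    echo "$f: not affected"
  fi
done
```

To run the same check against a live site instead of a file, the input to chain_names would be the certificates printed by `openssl s_client -connect host:443 -showcerts`; note that a site can also be affected through an intermediate whose issuer is the DigiNotar root even when the leaf's own issuer line looks unrelated, which is why every certificate in the bundle is examined rather than only the first.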