Comodo under attack.

Why was this moved and effectively killed?
Why not simply remove the portion which banned the original poster and leave the other information
here where it belongs ???
If it’s not true, then there isn’t any reason to delete something that’s all over the net.
At least you would have had an open discussion to discuss and defend this subject.
Moving it only makes it appear to be something Comodo would like to sweep under the rug.
I’m sure that wasn’t your intent for killing the original post.

It was moved due to Forum Policy Board violations because someone couldn’t behave. I was not the one that moved it, but I can see that as the reason as to why it was moved from “public view”. I am sorry it was moved, but it is above me to move it back. I will ask the mod that did move it to look at this thread and comment if they want.

The OP was kindly asked to remove two words and he wasn’t willing to cooperate and was therefore removed.

Valentin N


My mistake, I’d forgotten that the Forum Policy Violation Board is no longer visible and what I had done was not transparent.

The original topic has been restored, less the offending posts.

Comodo issues fraudulent Google, Microsoft, Mozilla, Skype, Yahoo certificates

Sal: Thanks, I should have thought of that sooner. :slight_smile:

@bob3160

Hey Bob,

Explanatory PM sent.

Ewen :slight_smile:

Thanks for the explanation and I’m sure the intent of Comodo was never to hide the original content.
Thanks for restoring the rest of the post. :slight_smile:

Update your Windows!

This is rather surprising…Bob…is that you? I was expecting you to come and blog/post about but to my utter surprise you blog about the Iranian attack…wow…what a surprise :slight_smile:


I’m full of surprises. :slight_smile:

you are… :slight_smile:

how is the work coming along? did you get a pay rise yet?

Haha…I’ve noticed 2 or 3 other threads on this subject…so don’t worry Bob.
There’s more than enough fear-uncertainty-doubt to go around.

Should I stop hyper-ventilating now?
You’ll let me know…right?

Since when is it work speaking to computer users about:
Protecting Yourself and Your Identity Online :slight_smile:

since when you get paid for it as you admitted it in your blog…

You may call it what ever you like, for me it’s a pleasure and I look forward to each new presentation.
I was tempted to stop by your booth at the RSA conference. :slight_smile:

you should have…next time pls do…

btw: are you guys helping setup any standards?

Wish I could answer that question but I don’t work for Avast. I’m only a spokesperson helping others stay safe on their computer and the internet.


A very good article explaining man-in-the-middle (MITM) attack, the failure of the Certificate Authorities (CAs) model and (like they call) Comodo’s colossal ■■■■■ up.

The mathematics behind the authentication and encryption are pretty robust (at least given current knowledge), so those parts are reasonably safe. But an awful lot of trust is placed on those root CAs. If a root CA starts issuing certificates to people that it shouldn't—giving a hacker a certificate purporting to be [I][Mozilla, Microsoft, Google, Skype, Yahoo...][/I], say—then [b]the whole system collapses[/b]. The hacker can act as a [b]man-in-the-middle[/b] and the client's Web browser will actually trust his certificate. No warning about self-signed certificates; everything will just work as if nothing were wrong.
And that's exactly what one of the root CAs, Comodo, has done. Nine times. A user account belonging to a Comodo "Trusted Partner" based in Southern Europe was hacked, and this hacked account was used to issue nine fraudulent certificates. [...] The hacked user account has been suspended, and the company has instituted "additional audits and controls" of an entirely unspecified nature.
Further detective work by Applebaum revealed that the blacklisted certificates were issued by Salt Lake City-based Comodo reseller UserTrust.
[b]The chain of trust is broken[/b] [...] This is not the first time that a bogus certificate has been issued. Back in 2001, Verisign [...] [but] This attack was worse than those previous incidents, however. [...] A single hack of a CA, or coercion of a CA in a despotic regime, means that a malicious party can produce a certificate that essentially every device on the Internet will trust, allowing interception and eavesdropping of secure communications. [...] The current chain of trust concept is endemic, and the commercial nature of most root CAs means that they will apply pressure to keep the current system.
[b]The centralized trust model doesn't work.[/b]

Edit: Article URL fixed by Sal Amander
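
As an added illustration of the quoted passage (not part of the original post or the article): a simplified Python model of why a mis-issued certificate passes a chain-only check, and how a serial blocklist or a per-host key pin catches it. Signature verification is not modelled, and every name, serial and key below is constructed.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str       # host name the certificate claims
    issuer: str        # CA that issued it
    serial: str        # serial number assigned by the issuer
    public_key: bytes  # stand-in for the subject's public key bytes

# Constructed sample data: two root CAs that the client trusts equally.
TRUSTED_ROOTS = {"Example Root CA A", "Example Root CA B"}

def key_pin(cert):
    """SHA-256 over the public key bytes, used as the pin value."""
    return hashlib.sha256(cert.public_key).hexdigest()

def chain_only(host, cert):
    """The plain CA model: any trusted root may vouch for any host name."""
    return cert.subject == host and cert.issuer in TRUSTED_ROOTS

def hardened(host, cert, pins, revoked):
    """Chain check plus a serial blocklist and an optional per-host key pin."""
    if not chain_only(host, cert):
        return "reject: untrusted issuer or name mismatch"
    if (cert.issuer, cert.serial) in revoked:
        return "reject: serial is blocklisted"
    expected = pins.get(host)
    if expected is not None and key_pin(cert) not in expected:
        return "reject: key does not match pin"
    return "accept"

# Constructed certificates: one genuine, one issued in error by another root.
GENUINE = Cert("login.example.test", "Example Root CA A", "01", b"genuine-key")
MISISSUED = Cert("login.example.test", "Example Root CA B", "BEEF", b"other-key")
PINS = {"login.example.test": {key_pin(GENUINE)}}
REVOKED = {("Example Root CA B", "BEEF")}

if __name__ == "__main__":
    for name, cert in (("genuine", GENUINE), ("mis-issued", MISISSUED)):
        print(name, "| chain only:", chain_only("login.example.test", cert),
              "| hardened:", hardened("login.example.test", cert, PINS, REVOKED))
```
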

I read a good bunch of posts about the issue and there are a lot of so-called experts there, some copy/paste bloggers, most of them have no clue what they’re writing about, and others just focus on this incident as if it could only happen to Comodo’s CA… wouldn’t gaining access to every other CA’s RA credentials have had the same result?

And completely missing the most important part for average Joe, how do I fix this?

  • I’m not trying to defend C here, just trying to show the narrow-minded writing about the issue on some occasions…

This isn’t picking on Comodo. As Tech already pointed out, this has happened before and the last time it was not Comodo.
Stronger safeguards need to be put in place so that this so-called “chain of trust” becomes ironclad rather than a weak link.