Iranian government is on the attack again?

“Today, when I tried to login to my Gmail account I saw a certificate warning in Chrome,” someone using the screen name “alibo” wrote. “I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” Alibo then posted a screenshot and the text of the certificate. The screenshot page was not accessible.

Who were the naive idiots who said the Comodo reseller who got hacked in March was the job of one guy and had nothing to do with Iranian government?

Those idiots should not be in the security business…they would rather believe propaganda put out by the attackers than their fellow security professionals.

We should list those idiots’ names so that they know how stupid they have been!

Melih

A government getting caught red-handed in the article Chinese Government Launching Online Attacks by F-Secure’s Chief Research Officer Mikko Hypponen.

Updates to Firefox and Chrome are available to block the fraudulent DigiNotar certificates.

Oops! News from the Lab Archive : January 2004 to September 2015

Better late than never! http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx

It would seem this ‘attack/compromise’ is somewhat worse than initially believed. It seems Google has removed 257 DigiNotar certificates and Mozilla have distrusted their Root CA.

Google says:

“…affected were primarily located in Iran”

This is really bad. CAs and browsers are under attack, because they are the ones providing the service.

Good thing that COMODO could repel the attack quicker than any other CA (DigiNotar, for example).

Interesting…

Tor Project
Wordpress
Others…

"According to DigiNotar, they're not able to track which rogue certificates were generated," said Schouwenberg in a Wednesday blog. "So more of these rogue certificates may be out there. How is this possible? Either DigiNotar performs no logging of the certificates they create or their logs got cleaned out during the attack."
:o

Who were the so-called “Security Professionals” who said the people who attacked Comodo were not “state sponsored” but a 21 year old kid looking for notoriety? I did say the very same people who attacked Comodo would continue to attack as they needed the “key” that CAs hold to decrypt communication.

Those people should NOT be in the security business as they were naive enough to take a “criminal’s word” vs their fellow security professionals.

Their name should be in the Most Naive Security Professional list!!! :slight_smile:

Melih

Quote from the link IT news, careers, business technology, reviews | Computerworld posted by Radaghast :

Late Tuesday, Mozilla shipped updates for Firefox 6 and Firefox 3.6 that added DigiNotar's root certificate to those browsers' blacklists. Google has updated Chrome 13 and Chrome 14 -- the latter currently in beta testing -- to do the same.

Question : did Comodo implement the same security measure in Dragon?

I’d guess, as Dragon 13.2 is based on the 13.0.782.218 core, which is the new stable version from Google with the revoked certificates…

Comodo Dragon ver 13.2 is now available for download
Google released a new version of Chrome

Yes, if they use the same blacklist.

The list of blocked bad certificate serial numbers is hard coded; it’s part of the core. However, Chrome and all its offshoots, like Dragon, use other people’s root certificate databases. On Windows, Chrome uses the Microsoft Root Certificate store, on Linux it uses the Mozilla NSS shared database and on OS X it uses the Mac OS X keychain.
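A simplified model of the two layers described in the post above, added here as an example and not code from Chrome, Dragon or any poster: a blocklist shipped in the browser binary is checked on top of a root store the browser does not own. All certificate names and serial numbers are constructed, no signatures are verified, and keying the blocklist on (issuer, serial) is an assumption.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int

# Constructed sample data: every name and serial number here is made up.
ROOT = Cert("Example Root CA", "Example Root CA", 0x01)
ISSUING = Cert("Example Issuing CA", "Example Root CA", 0x02)
GOOD = Cert("shop.example", "Example Issuing CA", 0x1001)
KNOWN_ROGUE = Cert("*.mail.example", "Example Issuing CA", 0x0BAD5EED)
UNLOGGED_ROGUE = Cert("*.chat.example", "Example Issuing CA", 0x2002)
POOL = [ROOT, ISSUING]

OS_ROOT_STORE = {"Example Root CA"}  # stands in for the platform root store
# Shipped inside the browser binary; (issuer, serial) keying is an assumption.
BUILTIN_BLOCKLIST = {("Example Issuing CA", 0x0BAD5EED)}

def build_path(leaf, pool):
    """Follow issuer links from the leaf up to a self-issued certificate."""
    by_subject = {c.subject: c for c in pool}
    path = [leaf]
    while path[-1].issuer != path[-1].subject:
        parent = by_subject.get(path[-1].issuer)
        if parent is None or parent in path:
            return None  # incomplete chain or issuer loop
        path.append(parent)
    return path

def evaluate(leaf, roots=OS_ROOT_STORE, blocklist=BUILTIN_BLOCKLIST):
    """Model only: no signature, validity-period or name checks."""
    path = build_path(leaf, POOL)
    if path is None:
        return "reject: no path to a root"
    if path[-1].subject not in roots:
        return "reject: root not in trust store"
    for cert in path:
        if (cert.issuer, cert.serial) in blocklist:
            return f"reject: blocklisted serial {cert.serial:#x}"
    return "accept"

if __name__ == "__main__":
    for leaf in (GOOD, KNOWN_ROGUE, UNLOGGED_ROGUE):
        print(leaf.subject, "->", evaluate(leaf))
    # Removing the root from the store rejects every chain under it.
    print(UNLOGGED_ROGUE.subject, "->", evaluate(UNLOGGED_ROGUE, roots=set()))
```

A serial blocklist only stops certificates that are known about: the unlogged rogue certificate is accepted until the root itself leaves the trust store.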

Thank you, Radaghast, for the explanation.

Mozilla completely removed the DigiNotar CA along with the Staat der Nederlanden roots on information received from the Dutch Government. Other browser vendors are sure to follow…

DigiNotar Removal Follow Up

Chrome have a patch in the works:

https://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?r1=99534&r2=99533&pathrev=99534

El Reg Article: Dutch CA banished for life from Chrome , Firefox

This quote seems a bit silly now… 88)

VASCO does not expect that the DigiNotar security incident will have a significant impact on the company’s future revenue or business plans.

Source: news_DigiNotar reports security incident (Already linked by Radaghast)

How on earth did DigiNotar become a CA? Seriously, one has to wonder what else is waiting in the wings to be revealed and not necessarily with regard to DigiNotar…

http://blog.gerv.net/2011/09/diginotar-compromise/

Who were those naive idiots who thought this was a single hacker when they attacked Comodo and told the press that?

Domains for which certificates were issued:

*.10million.org
*.balatarin.com
*.google.com
*.logmein.com
*.microsoft.com
*.mossad.gov.il
*.skype.com
*.torproject.org
*.walla.co.il
*.wordpress.com

azadegi.com
DigiCert Root CA
Equifax Root CA
friends.walla.co.il

Thawte Root CA
twitter.com
VeriSign Root CA

www.sis.gov.uk

Chrome 13.0.782.220:

We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. For more details about the security issues see the Google Security Blog post about DigiNotar and an update from Mozilla, who is also moving to revoke trust in these certificates.
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html