“Today, when I tried to login to my Gmail account I saw a certificate warning in Chrome,” someone using the screen name “alibo” wrote. “I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” Alibo then posted a screenshot and the text of the certificate. The screenshot page was not accessible.
Who were the naive idiots who said the Comodo reseller who got hacked in March was the job of one guy and had nothing to do with the Iranian government?
Those idiots should not be in the security business… they would rather believe propaganda put out by the attackers than their fellow security professionals.
We should list those idiots' names so that they know how stupid they have been!
"According to DigiNotar, they're not able to track which rogue certificates were generated," said Schouwenberg in a Wednesday blog. "So more of these rogue certificates may be out there. How is this possible? Either DigiNotar performs no logging of the certificates they create or their logs got cleaned out during the attack."
Who were the so-called “Security Professionals” who said the people who attacked Comodo were not “state sponsored” but a 21 year old kid looking for notoriety? I did say the very same people who attacked Comodo would continue to attack as they needed the “key” that CAs hold to decrypt communication.
Those people should NOT be in the security business as they were naive enough to take a “criminal’s word” vs their fellow security professionals.
Their names should be in the Most Naive Security Professional list!!!
Late Tuesday, Mozilla shipped updates for Firefox 6 and Firefox 3.6 that added DigiNotar's root certificate to those browsers' blacklists. Google has updated Chrome 13 and Chrome 14 -- the latter currently in beta testing -- to do the same.
Question: did Comodo implement the same security measure in Dragon?
The blocking list of bad certificate serial numbers is hard coded; it’s part of the core. However, Chrome and all its offshoots, like Dragon, use other people’s root certificate databases. On Windows, Chrome uses the Microsoft Root Certificate store, on Linux it uses the Mozilla NSS shared database and on OS X it uses the Mac OS X keychain.
We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. For more details about the security issues see the Google Security Blog post about DigiNotar and an update from Mozilla, who is also moving to revoke trust in these certificates.