[cryptography] Fwd: Comodo hacker: I hacked DigiNotar too; other CAs breached

Jeffrey Walton noloader at gmail.com
Tue Sep 6 18:51:08 EDT 2011


On Tue, Sep 6, 2011 at 5:56 PM, David Koontz <david_koontz at xtra.co.nz> wrote:
>
>
> http://arstechnica.com/security/news/2011/09/comodo-hacker-i-hacked-diginotar-too-other-cas-breached.ars

:: "As with the statements issued after the Comodo hack, the DigiNotar
statement was clear about one thing: the sophistication of the hack
and the great skill it took."

I wonder if its the same sophistication that was used on RSA.

:: "Meanwhile, the fallout from the hack continues. DigiNotar has, in
effect, lost its status as a trusted root certificate authority. Its
certificates have been blacklisted by Microsoft, Google, Mozilla, and
Apple."

Neither my MacBook nor iPod and iPad have taken updates. I don't
believe Apple has taken any action yet. And there's been some
confusion on the FedTalk mailing list - Apple OSes appear to be using
the certs despite the fact that folks are manually untrusting and
disabling them (because Apple has not acted)
http://lists.apple.com/archives/fed-talk/2011/Aug/msg00089.html.



More information about the cryptography mailing list