Google blacklisted 247 additional DigiNotar certificates?
Posted on 31 August 2011.
New versions of Chrome and Firefox have been released today by Google and Mozilla due to the discovery of a rogue Google SSL certificate being abused in the wild.

DigiNotar has admitted yesterday that the issuing of the certificate in question was missed by the auditing firm that went through its systems following the breach it experienced in July, and that many other rogue certificates were issued by the attackers but have been recalled in the meantime.

But, the fact that it declined to share for which particular sites these certificates were issued likely made Google hard code 247 additional SSL certificates for non-Google domains into the blacklist of an upcoming Chrome version, reports The Register.

In the meantime, The Netherland's government issued a statement saying that the public key infrastructure system used by the government has not been compromised.

DigiNotar has also confirmed that the root server that is used to generate DigID certificates - digital identities used to access the majority of online services offered by Dutch government agencies - has not been accessed by the attackers.

Given that DigiNotar made this claim on account of the results of the poorly effected audit that managed to miss the rogue Google certificate, a lot of people are understandably skeptical, says ThreatPost.

If there is one positive consequence of this whole incident, it is that the security community has begun raising its voice against the (obviously) fallible digital identity certificate system that is currently in place, and has begun searching for alternatives.






Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //