[3662] in Privacy_Forum

home help back first fref pref prev next nref lref last post

[ PRIVACY Forum ] Fraudulent "Google" crypto cert found in the wild

daemon@ATHENA.MIT.EDU (PRIVACY Forum mailing list)
Thu Jan 3 18:44:38 2013

Date: Thu, 3 Jan 2013 15:14:13 -0800
To: privacy-list@vortex.com
Message-ID: <20130103231413.GB12355@vortex.com>
MIME-Version: 1.0
Content-Disposition: inline
From: PRIVACY Forum mailing list <privacy@vortex.com>
Reply-To: PRIVACY Forum mailing list <privacy@vortex.com>
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: privacy-bounces+privacy-forum=mit.edu@vortex.com
Content-Transfer-Encoding: 8bit



Fraudulent "Google" crypto cert found in the wild

http://j.mp/VA2FMC  (Wired)

   "The unauthorized Google.com certificate was generated under the
    *.EGO.GOV.TR certificate authority and was being used to
    man-in-the-middle traffic on the *.EGO.GOV.TR network. Google's
    spokesman said the unauthorized Google certificate was created
    sometime in early December, fourteen months after Turktrust issued the
    CA certificate to *.EGO.GOV.TR.  The *.google.com certificate, a
    so-called wild-card certificate, would have allowed whoever was using
    it to intercept and read any communication that passed from users on
    the *.EGO.GOV.TR network to any google.com domain, including encrypted
    Gmail traffic."

 - - -

I continue to assert that the global PKI is increasingly not
trustworthy, and that alternatives to the conventional certificate
issuing model are deserving of serious consideration.

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
 - Data Wisdom Explorers League: http://www.dwel.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren 
Tel: +1 (818) 225-2800 / Skype: vortex.com

_______________________________________________
privacy mailing list
http://lists.vortex.com/mailman/listinfo/privacy
home help back first fref pref prev next nref lref last post