Shaman Posted March 31, 2011 Share Posted March 31, 2011 I know some of you like Firefox and probably other Mozilla products. Link: http://news.netcraft.com/archives/2011/03/...ertificate.html Comodo Hacker releases Mozilla certificate To prove responsibility for the recent security breach at a Comodo affiliate Registration Authority, the "Comodo Hacker" has uploaded the private key for one of the fraudulently obtained SSL certificates. Netcraft has verified that the private key does correspond to the fraudulently issued SSL certificate for addons.mozilla.org. Only Comodo, the affiliate, or the hacker could have known this secret key. As the uploaded private key does not require a passphrase, it can readily be used by other attackers. Certificate revocation mechanisms have come under recent criticism for not working effectively, so the publication of the private key introduces a widespread risk of man-in-the-middle attacks against Mozilla Add-ons users. To get around the revocation problems, most web browser software has been updated to explicitly blacklist the bogus certificates. Users can therefore protect themselves by upgrading to the latest versions. Posted by Paul Mutton on 29th March, 2011 in Security Quote Link to comment Share on other sites More sharing options...
matt770 Posted April 2, 2011 Share Posted April 2, 2011 Done, thanks! Quote Link to comment Share on other sites More sharing options...
BeeR Posted April 2, 2011 Share Posted April 2, 2011 I know some of you like Firefox Wow, and here I thought I was the last one to finally give up on that POS. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.