The recent revelation of an attack on a registration authority affiliate of Comodo has sparked a more panoptic discussion about Internet security and SSL certificates.
As Comodo disclosed, on Wednesday, the registration authority had been compromised following an attack on March 15 and that the username and password were slipped of a Comodo Trusted Partner in Southern Europe. With these details the attacker managed to collect nine digital certificates across seven domains, including login. yahoo (NSDQ: YHOO).com, mail. google (NSDQ: GOOG).com, login. skype. com and addons. mozilla. org among others. However, Comodo discovered it within hours of the attack and all the certificates were countermanded with one still in use. The company said that two IP addresses were assigned to an Iranian Internet Service Provider (ISP) and believes that it could be an effort made by the Iranian government to scout on dissenters using Gmail, Skype and other services.
This issue has not only paved way for arguments on possible government spying but also has underscored the very basic problem of rightful authentication of the web space and Internet. However Moxie Marlinspike well-publicized security researcher, especially for his research on attacking SSL told CRN that it “is not viable” to revoke the process of existing certificate.
- Gentle Electrical Stimulation May Help in Improving Maths Skills
- Mutated BRCA1 Gene Increases Breast Cancer Risk
- Research Finds Huge Increase in Type-2 Diabetes, Under-40 Hardest Hit
- Step Forward in IVF Treatment in 30 Can Mount up Baby Production Three-times
- David Cameron Blamed for ‘Scaremongering’ Over Health Tourism