Your security, networking, programming, and application news source.
Google

Tuesday, August 30, 2011

DigiNotar Issued Fraudulent Google Certificate

<DigiNotar> is a Dutch Certificate Authority who issued a rogue SSL certificate to somebody in Iran on July 10th, 2011 for the domain name .google.com. This allows the certificate holders the ability to possibly carry out a man in the middle attack on most of Google's services, including GMail, Google+, and Google Docs.

DigiNotar is a wholly owned subsidiary of VASCO Data Security International. On August 30, 2011 <VASCO released a public statement> acknowledging that their DigiNotar Certificate Authority infrastructure was hacked on July 19, 2011, and was used to issue fraudulent CA's for a number of domains, including Google.com. <Some digging by F-Secure> found defacements left over from at least two separate intrusions that could be years old.

The Google Chrome browser <has an extra fine grained set of CA's with the authority to sign for Google> which is rumored to have protected Google Chrome users.

Firefox suggested revoking DigiNotar and <provides instructions for revoking the CA> in your local browser.


Fraudulent Digital Certificates Could Allow Spoofing (Aug 29, 2011)
<Microsoft Security Advisory (2607712)>

UPDATE (Aug 31, 2011):
<Mozilla pushes Firefox 6.0.1 update explicitly to revoke the DigiNotar CA>