Jump to content

Near SSL breach


CHiLL
 Share

Recommended Posts

Some Iranian hackers hacked into Comodo (CA) and got forged certificates for sites such as GMail.com, login.live.com, login.skype.com, login.yahoo.com and addons.mozilla.com. The latter is the most dangerous because it could have meant that anyone who installed addons for Firefox could have been installing malware without knowning. However, these certificates have been marked as dodgy by major CAs, and the certificate IDs have been sent to client machines in the forms of Windows Updates and the likes.

 

This could have been more severe. Since the world of SSL/Certificates is based on trust, if it becomes compromised, the entire infrastructure of secure websites across the Internet would grind to a halt.

 

More info; http://www.theregister.co.uk/2011/03/23/gmail_microsoft_web_credential_forgeries/

Link to comment
Share on other sites

Hahaha bloody Iranians! They sit on white plastic garden chairs all day doing Fcuk all yet they hack into this lot!  :cool:

Genralising Iranians could be linked to racism. Racism is forbidden.
Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

but with this happening, they could have recorded our email adresses and passwords?

Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

but with this happening, they could have recorded our email adresses and passwords?

I suppose so, I hadn't thought of it that way.

Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

but with this happening, they could have recorded our email adresses and passwords?

I suppose so, I hadn't thought of it that way.

I hope the didn't get into my one, just thought about my school email address

Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

but with this happening, they could have recorded our email adresses and passwords?

I suppose so, I hadn't thought of it that way.

I hope the didn't get into my one, just thought about my school email address

It didn't actually effect anything. It was sorted out before any damage could be done. The certificates that were forged were blacklisted and issued out through browser updates and Windows updates.

Link to comment
Share on other sites

wow, could they have gotten into our emails and sent spam from them?

It would have been more them able to pretend to be that website, and successfully trick people. Also able to push malware/social engineering tricks towards the users. That couldn't access your mail accounts, but they could pose as the affected sites and appear genuine.

but with this happening, they could have recorded our email adresses and passwords?

I suppose so, I hadn't thought of it that way.

I hope the didn't get into my one, just thought about my school email address

It didn't actually effect anything. It was sorted out before any damage could be done. The certificates that were forged were blacklisted and issued out through browser updates and Windows updates.

That is good, or any Australian student who logged into their email using gmail, which is the only one the government allows, would have been sending spam :/

Link to comment
Share on other sites

That may well be but tough shit! Take me to court!  :cool:

Or we could just ban you.

You could do but there's more chance of me becoming the next Pope............

Actually the chances of you being banned are becoming increasingly more promising.

Link to comment
Share on other sites

That may well be but tough shit! Take me to court!  :cool:

 

Or we could just ban you.

You could do but there's more chance of me becoming the next Pope............

Actually the chances of you being banned are becoming increasingly more promising.

 

 

Good. Bring it on. However, you need to give me three reasons why i'm being banned.....

Link to comment
Share on other sites

That may well be but tough shit! Take me to court!  :cool:

 

Or we could just ban you.

You could do but there's more chance of me becoming the next Pope............

Actually the chances of you being banned are becoming increasingly more promising.

 

 

Good. Bring it on. However, you need to give me three reasons why i'm being banned.....

 

well

1. he is admin

2. you are a pain

3. he owns the site

Link to comment
Share on other sites

I heavily rely on my Gmail account too, as do many other people across the globe, as well as organisations and educational services (in the UK at least).

Same here in australia, it is what the government gives us when we start school for school emails/internet login

Link to comment
Share on other sites

Good. Bring it on. However, you need to give me three reasons why i'm being banned.....

 

Easy.

 

1. Racist Remarks.

2. A lot of profanity being rude.

3. Provoking staff/trolling.

Link to comment
Share on other sites

That may well be but tough shit! Take me to court!  :cool:

 

Or we could just ban you.

You could do but there's more chance of me becoming the next Pope............

Actually the chances of you being banned are becoming increasingly more promising.

 

 

Good. Bring it on. However, you need to give me three reasons why i'm being banned.....

 

well

1. he is admin

2. you are a pain

3. he owns the site

 

1. and?

2. your opinion (which is wrong!)

3. so does luke

 

 

 

Good. Bring it on. However, you need to give me three reasons why i'm being banned.....

 

Easy.

 

1. Racist Remarks.

2. A lot of profanity being rude.

3. Provoking staff/trolling.

 

1. it's not racist - you've seen the news - it's a fact of life.

2. it's not being rude it's being truthful

3. it's not provoking, you replied - your problem!

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...