It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

DigiNotar Security Certificates. Has Microsoft used kill switch?. Windows, IE, Spoofing, phishing,

page: 1
4

log in

join
share:

posted on Sep, 6 2011 @ 04:18 PM
link   
Hi everyone. I was about to post a thread and link to an article, but underneath said article, it had the post date of December 31 1969 followed by an update dated today.

I thought this was strange of course, so I entered the 1969 date into the site's search engine and every news article that came up was stamped with that date, even though they are today's news articles. I called the network and they said it wasn't serious, even though they were seeing the same thing as I was.

From what I have been able to piece together, the Dutch security certificates are no longer being recognized by major companies. It seems that it has affected Google, or at least I put a search term into Google and my IE switched to Bing suddenly and clicking on a link brought me to another.

An article on Microsoft's site has an article about this spoofing article

Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store. A fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

And on Thompson Cyber Security Labs:

So, over the weekend, we became aware that a Dutch certificate authority had been hacked, and a whole truckload of fake certificates issued for people like google, cia.gov, and mossad, to mention just a few of the more embarrasing ones. In the fullness of time, it's become clear that the initial result of this is that for at least a day, Iranian Internet users were subject to mass Man In The Middle attacks.

[url=http://tcsltesting.blogspot.com/] Read rest of depressing news

(Sorry but I am unable to correct the above link.)
In a thread I read earlier, there appeared a strange post from a mod one some of us had never seen before. The ATS feed's page was blank for me as was Microsoft's. Has ATS also been hit?

So now what? OK, Mac users,
have your say, but please don't gloat too much?

Does anyone any helpful advice for now?
edit on 6-9-2011 by aboutface because: (no reason given)




posted on Sep, 6 2011 @ 05:15 PM
link   
This issue will affect Mac users as well, any web browser that uses HTTPS could well be affected if they have that security certificate in their trusted root authority.

The best thing to do would be to move the certificates from trusted authority to a non trusted authority, this can be done in the security section of your web browser.



posted on Sep, 7 2011 @ 10:35 AM
link   
It's also recommended that we become a user on our PCs instead of administrator.
I know I was affected, and sure don't relish having my machine being used as a middle man for any purpose.



posted on Sep, 7 2011 @ 10:42 AM
link   
reply to post by mclarenmp4
 


Thanks for your reply. This obviously is not my subject of expertise. I don't have any trusted sites listed. Is there any way I can tell if my machine has been affected?




top topics
 
4

log in

join