PDA

View Full Version : Int'l Issues Something to really be scared about


orange
08-30-2010, 03:50 PM
The Internet's Secret Back Door

http://www.slate.com/id/2265204/

Excerpt:

Who are these certificate authorities? At the beginning of Web history, there were only a handful of companies, like Verisign, Equifax, and Thawte, that made near-monopoly profits from being the only providers trusted by Internet Explorer or Netscape Navigator. But over time, browsers have trusted more and more organizations to verify Web sites. Safari and Firefox now trust more than 60 separate certificate authorities by default. Microsoft's software trusts more than 100 private and government institutions.

Disturbingly, some of these trusted certificate authorities have decided to delegate their powers to yet more organizations, which aren't tracked or audited by browser companies. By scouring the Net for certificates, security researchers have uncovered more than 600 groups who, through such delegation, are now also automatically trusted by most browsers, including the Department of Homeland Security, Google, and Ford Motorsóand a UAE mobile phone company called Etisalat.

In 2005, a company called CyberTrustówhich has since been purchased by Verizonó gave Etisalat, the government-connected mobile company in the UAE, the right to verify that a site is valid. Here's why this is trouble: Since browsers now automatically trust Etisalat to confirm a site's identity, the company has the potential ability to fake a secure connection to any site Etisalat subscribers might visit using a man-in-the-middle scheme.

Etisalat doesn't exactly have a clean record when it comes to privacy. Tech watchdogs have already caught it deliberately attempting to invade the privacy of its own users. In July 2009, Etisalat abruptly announced a software update on all its BlackBerry customers. Described as a "network upgrade," the application in fact copied all messages written on the device to two private Etisalat e-mail addresses. Research in Motion distanced itself from this clumsy attempt at government spyware, clarifying that it was "not a RIM-authorized software upgrade" and providing a counter-app to remove the program.

Bwana
08-30-2010, 07:06 PM
Well hell! I would shoot your boy Al Gore an email and see if he can fix it, after all, he was the one to invent the internet. You may have a hard time though, I hear he's busy with his new monster house, and rocking out to Twister Sister these days.

http://www.apostropher.com/blog/img/AlGoreAndGlowingOrb.JPG

HonestChieffan
08-30-2010, 09:44 PM
coffee bugs and now this. Damn.

Dallas Chief
08-30-2010, 10:22 PM
Damn orange. I was really hoping you had something good this time. And I was feeling generous with my rep tonight too...:shake:

orange
08-30-2010, 10:26 PM
The fact that 600 unverified, unregulated organizations - and counting - can now act as middlemen for your "secure" internet transactions isn't scary? One of those orgs. being Dept. of Homeland Security?

Want to bet this isn't on the rightwing panic sites within a week?

HonestChieffan
08-30-2010, 10:30 PM
I'll try to panic next week. This week is dove season and Cabela's has a sale starting on handgun ammo. And I have some weeds to spray Saturday if it doesn't rain.

I wonder if HS cares I bought some work shirts online from Duluth Trading?

Taco John
08-30-2010, 11:34 PM
The fact that 600 unverified, unregulated organizations - and counting - can now act as middlemen for your "secure" internet transactions isn't scary? One of those orgs. being Dept. of Homeland Security?

Want to bet this isn't on the rightwing panic sites within a week?


The rightwing panic arc is a lot longer than a week*, believe me...



*cultural xenophobia may speed the process up considerably

Hog Farmer
08-31-2010, 01:26 PM
Dove season. Hell yes, Love it !

vailpass
08-31-2010, 01:26 PM
Do I have to be as scared this time as I was when this was posted a couple weeks ago?

orange
08-31-2010, 02:19 PM
Do I have to be as scared this time as I was when this was posted a couple weeks ago?

link?

vailpass
08-31-2010, 04:00 PM
link?

ROFL Dude.