Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fox-IT Completes the Picture On the Factored RSA-512 Keys

Posted by Soulskill on from the sneaky-rogues-with-broken-keys dept.

An anonymous reader sends in this excerpt from the Fox-IT blog: "During recent weeks we have observed several interesting publications which have a direct relation to an investigation we worked on recently. On one hand there was a Certificate Authority being revoked by Mozilla, Microsoft and Google (Chrome), on the other hand there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority. That case, however, is not self-contained, and a whole range of malicious software had been signed with valid certificates. The malicious software involved was used in targeted attacks focused on governments, political organizations and the defense industry. The big question is, of course, what happened, and how did the attackers obtain access to these certificates? We will explain here in detail how the attackers have used known techniques to bypass the Microsoft Windows code signing security model."

3 of 38 comments (clear)

  1. security fail by girlintraining · · Score: 3, Funny

    The big question is, of course, what happened, and how did the attackers obtain access to these certificates?

    The same thing that always happens, Pinky: Someone did a stupid thing. He or she was probably in management, since engineers are generally more careful (unless it's revision 2. Revision 2 is always evil)

    --
    #fuckbeta #iamslashdot #dicemustdie
  2. Re:Hopefully this shuts up the certificate freaks. by girlintraining · · Score: 4, Funny

    For years now there have been some very vocal "security experts" who repeatedly trumpet how certificates and digital signatures somehow solve all security woes.

    Funny I've never seen any of them in these here parts. We know how to handle dem security experts when they come 'round. Don't need none of that fancy ADP anti-viral intrusion penetration stuff. We don't download no screensavers or run javascript on every website, and we got big duke over there (He's our firewall dog). It's been good enough for us.

    --
    #fuckbeta #iamslashdot #dicemustdie
  3. Re:Short answer by Forbman · · Score: 5, Funny

    "Onze visie op de eigen slagkracht van de overheid" ...which translates to:

    "Drink more Ovaltine".