Slashdot Mirror

← Back to Stories (view on slashdot.org)

Controversial Surveillance Firm Blue Coat Was Granted a Powerful Encryption Certificate (vice.com)

Posted by msmash on from the talk-of-the-town dept.

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems -- whose products have been detected in Iran and Sudan -- was recently issued a powerful encryption certificate by Symantec. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec downplayed concern from the security community. Blue Coat, which sells web-monitoring software, was granted the power in September last year, but it was only widely noticed this week. The company's devices are used by both government and commercial customers for keeping tabs on networks or conducting surveillance. In Syria, the technology has been used to censor web sites and monitor the communications of dissidents, activists and journalists.Blue Coat assures that it is not going to utilize the certificates to snoop on us. The Register reports: We asked Blue Coat how it planned to use its new powers -- and we were assured that its intermediate certificate was only used for internal testing and that the certificate is no longer in use. "Symantec has reviewed the intermediate CA issued to Blue Coat and determined it was used appropriately," the two firms said in a statement. "Consistent with their protocols, Symantec maintained full control of the private key and Blue Coat never had access to it. Blue Coat has confirmed it was used for internal testing and has since been discontinued. Therefore, rumors of misuse are unfounded."

2 of 114 comments (clear)

  1. Re:Simple question by whoever57 · · Score: 3, Informative

    Simple answer, because the tinfoil hat club has been proven right over and over again in the 21st century.

    I don't think that the tinfoil hat club has been right. In fact, the surveillance and control has been worse than most claims of the tinfoil hat club.

    --
    The real "Libtards" are the Libertarians!
  2. Re:Understanding PKI by jaseuk · · Score: 4, Informative

    You will get a warning if you visit using Chrome or any other browser that supports key pinning / Strict Transport Security (HSTS). There are enough people using Chrome/Firefox for this to be an early warning system.

    Jason