Slashdot Mirror
Firefox Fears UAE Government's Cybersecurity Company 'DarkMatter' May Be Tied To a Cyber Espionage Program (patentlyapple.com)
An anonymous reader quotes a report from Patently Apple: Firefox browser-maker Mozilla is considering whether to block cybersecurity company DarkMatter from serving as one of its internet security gatekeepers after a Reuters report linked the United Arab Emirates-based firm to a cyber espionage program. Reuters reported in January that DarkMatter provided staff for a secret hacking operation, codenamed Project Raven, on behalf of an Emirati intelligence agency. The unit was largely comprised of former U.S. intelligence officials who conducted offensive cyber operations for the UAE government. Former Raven operatives told Reuters that many DarkMatter executives were unaware of the secretive program, which operated from a converted Abu Dhabi mansion away from DarkMatter's headquarters.
Those operations included hacking into the internet accounts of human rights activists, journalists and officials from rival governments, Reuters found. DarkMatter has denied conducting the operations and says it focuses on protecting computer networks. While Mozilla had been considering whether to grant DarkMatter the authority to certify websites as safe, two Mozilla executives said in an interview last week that Reuters' report raised concerns about whether DarkMatter would abuse that authority. Mozilla said the company has not yet come to a decision on whether to deny the authority to DarkMatter, but expects to decide within weeks. Further reading available via Reuters
Those operations included hacking into the internet accounts of human rights activists, journalists and officials from rival governments, Reuters found. DarkMatter has denied conducting the operations and says it focuses on protecting computer networks. While Mozilla had been considering whether to grant DarkMatter the authority to certify websites as safe, two Mozilla executives said in an interview last week that Reuters' report raised concerns about whether DarkMatter would abuse that authority. Mozilla said the company has not yet come to a decision on whether to deny the authority to DarkMatter, but expects to decide within weeks. Further reading available via Reuters
Then put them on hold. Then see. Finally decide.
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
"Government's Cyber Security Company" - what else could you expect?
In terms of technology, we never can be confident that we are safe.
Passive security, such as fixing bugs and holes in software, tend to be after the fact there was a problem found, and proper security policies are often difficult to follow.
Active security, such as Anti-virus software, and content gatekeepers, means you need to give up some of your Passive Security features (such as having an application Run with full system access, which scans and can change your active memory and all files on your drive) Gate keepers who look at everything you do and judge if it is safe or not. And the further out you outsource the technology to, the less you know how much can trust the data won't be misused.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
We need to trust regional CAs less, the classic example is the Hong Kong Post Office. Mozilla's list of current roots - https://ccadb-public.secure.fo...
If EVERYONE only makes shoes we all starve in a week. Therefore making shoes is bad.
Logic.