Firefox

September 2, 2011

Man in Middle Attacks Dangerous in Iran – Part 2

به زبان فارسیUPDATE: Google and Mozilla have revoked more than 200 security certificates as a result of a hack into the accounts of certificate authority, DigiNotar.WARNING: Tor, Yahoo, and Mozilla were among the targets.WHAT THIS MEANS: If you are in using Tor software downloaded after July 9, it might be compromised. Users of confirmed versions of Tor should not have been effected. (Read more on the Tor Blog.) If you have not checked the signature of Tor to ensure that it is authentic, now is the time to do so. Instructions are here.MORE THAN 200 SECURITY CERTIFICATES STOLENA few days ago, Arseh Sevom reported on compromised security for users in Iran. It was reported that a security certificate was stolen and was in used in Iran. This certificate was used to access secure communication between users in Iran and Google.Read more...
August 30, 2011

Man in the Middle: Google Becomes Dangerous in Iran

It all began with a simple message. An Iranian internet user was trying to connect to Google using the Chrome browser. Strangely enough, his browser flashed a message telling him that the security certificate he was using to access Google was not theirs. The user went to Google’s help forums to follow up on this and an investigation followed which uncovered a secretive, but highly explosive plot: a security firm in the Netherlands, DigiNotar, had seemingly provided a certificate to “someone” in Iran that allowed access to all secure traffic over Google within Iran.Security bloggers are reporting that the site may have been hacked earlier, in 2009. Screenshots of hacked pages are being shared via the internet. The links to those pages were available as recently as the morning (in Europe) of August 30th.Read more...