Sunday, September 8, 2013

Bogus chrome certificate

Builtin Object Token:Bogus kuix.de
Token:Bogus Global Trustee
http://kuix.de/

http://www.wired.com/threatlevel/2011/03/comodo-compromise/
https://www.schneier.com/blog/archives/2011/03/comodo_group_is.html
https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

According to the Internet Storm Center SANS, the targets included Microsoft's login.live.com, Google's mail.google.com, www.google.com, login.yahoo.com (3 certificates), login.skype.com, addons.mozilla.com, and "Global Trustee."
http://cyberwarzone.com/cyberwarfare_blogs/stolen-usertrust-certificates


the worst part is there is no option in chrome/chromium to remove or test these certificates

No comments:

Post a Comment