What They’re Not Telling Us about the French Government’s Spoofed SSL Certificates

In case you missed it, there was a bit of a row in the usually staid Public Key Infrastructure (PKI) world when the Government of France was caught red-handed spoofing some of Google’s Web sites with forged SSL certificates. The French claimed it was “human error,” and the mistake “had no consequences on the overall network security.” Sacrebleu!

The dustup, however, was not confined to Google. Microsoft indicated that the breach was possibly far wider, impacting Google Chrome on Windows, among other apps. Microsoft rushed out a fix, but not for Windows XP or Windows Server 2003. Sorry, all you Windows XP users out there – that secure Google site might not be from Google at all, and nobody is going to do anything about it.

Not only does this faux pas raise the stakes for Google’s Certificate Transparency project, but it also points out something far more sinister. After all, the NSA and Iran have also spoofed SSL certificates with compromised Certificate Authorities. In fact, it’s a relatively straightforward hack. So here’s the question: we know about France, the NSA, and Iran, but who is copying this attack that we don’t know about? After all, we only know about the ones that were caught. Where the French go, so goes the world. Can we trust PKI at all anymore?

Share the Post:
Share on facebook
Share on twitter
Share on linkedin

Overview

The Latest

chrome os developer mode

How to Turn on Chrome OS Developer Mode

Google’s Chrome OS is a popular operating system that is widely used on Chromebooks and other devices. While it is designed to be simple and user-friendly, there are times when users may want to access additional features and functionality. One way to do this is by turning on Chrome OS

homes in the real estate industry

Exploring the Latest Tech Trends Impacting the Real Estate Industry

The real estate industry is changing thanks to the newest technological advancements. These new developments — from blockchain and AI to virtual reality and 3D printing — are poised to change how we buy and sell homes. Real estate brokers, buyers, sellers, wholesale real estate professionals, fix and flippers, and beyond may

man on floor with data

DevX Quick Guide to Data Ingestion

One of the biggest trends of the 21st century is the massive surge in internet usage. With major innovations such as smart technology, social media, and online shopping sites, the internet has become an essential part of everyday life for a large portion of the population. Due to this internet