Iran hacks Dutch cert authority and how to protect yourself

Man in the middle attacks are hard to defend against especially if the certificates are not forged.

Iran government involved with Dutch certificate issuer hacking? ABC seems to think so.  The intent and outcome of the hacking was to make fake certificates for a ton of sites and then man-in-the-middle attack Iranian net traffic to those sites. And because the issuer didn’t let anyone know it was hacked the attack was successful for over a month.
And as a user it’s not very easy to defend yourself from these attacks if the certificates are not revoked as your web browser accepts any certificate issued from an authorized issuer.
What you could do is if you are about to do something someone might want to spy on you about, and connecting to say on the login page even if the https lock is green check that certificate that it was issued by someone you would expect like google. If you are Iranian and the certificate is from a different country like Holland or Lithuania or something weird it’s probably a man in the middle attack.

Check the certificates to be sure!

To do this click the green lock, then Certificate information link, and check the issuer is not weird.
While you are sure that a man in the middle is not happening you might want to note down the cert authority of the sites you have to use and then you can quickly check them when you are about to login. Right now might be a good time to do this.
(And Google can issue their own certificates? Is that good or bad?)


About echlinm

Computer Programmer/Systems Analyst/Hacker S31
This entry was posted in Computers and Internet, News and politics, Security and tagged , , , , , . Bookmark the permalink.

One Response to Iran hacks Dutch cert authority and how to protect yourself

  1. Pingback: # 17 : Man in the middle Web attacks using WPAD « The Puchi Herald: News from the World

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s