X

Behind Comodo hack, an insecure Web (roundup)

A breach of the Internet's trust system arises from an outmoded method for assuring that a Web site is authentic, and it has browser makers rethinking their approach to security.

CNET News staff
See full bio
CNET News staff
2 min read

A breach of the Internet's trust system arises from an outmoded method for assuring that a Web site is authentic, and it has browser makers rethinking their approach to security.

Comodo hack may reshape browser security

A breach that let a hacker spoof digital certificates for Google.com, Yahoo.com, and other Web sites is prompting browser makers to rethink security.
(Posted in Privacy Inc. by Declan McCullagh)
April 4, 2011 4:00 a.m. PT

Comodo hacker says he's protesting U.S. policy

The person (or persons) involved with high-profile intrusion into Comodo's network says he's a 21-year-old cryptographer protesting U.S. foreign policy.
(Posted in Privacy Inc. by Declan McCullagh)
April 4, 2011 2:05 p.m. PT

Comodo: Web attack broader than initially thought

A week after Comodo revealed that one of its registration authorities was compromised and digital certificates were stolen, it discloses that another reseller was compromised.
(Posted in Insecurity Complex by Elinor Mills)
March 30, 2011 11:24 a.m. PT

FBI probes Comodo Web security breach

FBI and Italian police investigate how hacker managed to convince N.J. security firm to issue it digital certificates for Google, Yahoo, Microsoft, other major Web sites.
(Posted in Privacy Inc. by Declan McCullagh)
March 29, 2011 4:07 p.m. PT

Why browsers differ on Web sites' safety

The Comodo security breach shows that each major browser maker ships a different list of master keys to Web authentication and that each creates its list in a different way.
(Posted in Privacy Inc. by Declan McCullagh)
March 28, 2011 4:15 a.m. PT

Hackers exploit chink in Web's armor

Attack highlights flaws in a now-antiquated system that gives 650 different organizations, including the Tunisian government, the master keys to Web authentication.
(Posted in Privacy Inc. by Declan McCullagh and Elinor Mills)
March 24, 2011 4:00 a.m. PT

Google, Yahoo, Skype targeted in attack linked to Iran

Ingenious attack traced to Iranian networks led to fraudulent digital certificates that could impersonate major Web sites including Google, Yahoo, and Skype.
(Posted in Privacy Inc. by Declan McCullagh and Elinor Mills)
March 23, 2011 12:40 p.m. PT