The 2011 DigiNotar breach changed the way browsers do security. In this episode, we learn what role a CA plays, how browsers work with CAs, and what happens when a CA is breached.
Thanks to guests Gervase Markham and Josephine Wolff.
References
- https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html
- https://productforums.google.com/forum/#!topic/gmail/3J3r2JqFNTw
- http://www.slate.com/articles/technology/future_tense/2016/12/how_the_2011_hack_of_diginotar_changed_the_internet_s_infrastructure.html
- https://pastebin.com/u/ComodoHacker
- https://www.wired.com/2011/03/comodo_hack/
- https://blog.gerv.net/2011/09/diginotar-compromise/
- https://www.rijksoverheid.nl/ministeries/ministerie-van-binnenlandse-zaken-en-koninkrijksrelaties/documenten/rapporten/2012/08/13/black-tulip-update
- https://en.wikipedia.org/wiki/2009_Iranian_presidential_election_protests
Music
Music in this episode: “The Loss of Blood” and “Blood Loss” by Ian Alex Mac; “Inspired”, “Dark Fog”, “The Snow Queen”, “The Path of the Goblin King”, “Ghost Story”, “Metaphysik”, “Prelude in C”, “Ossuary 2”, “Master Disorder”, “Unanswered Questions”, and “Walking the Wall” by Kevin MacLeod, licensed under Creative Commons: By Attribution 3.0 License.
Transcript
[INTRO MUSIC]
JACK: A guy in Iran goes to check his e-mail. He types in gmail.com into his browser and hits enter. A strange warning pops up. It says Invalid Server Certificate. He’s unable to get to Gmail. He connects to a VPN and tries again. Through the VPN he connects just fine. He thinks there may be some funny business going on. He posts a question to the Google forums asking if there’s a possible man-in-the-middle attack going on. He also says he suspects his ISP or the Iranian government to be doing something fishy. Google responded not only to the forum post but they published a security warning to the world and released an emergency patch to their Chrome browser. Mozilla, Microsoft, and Apple followed quickly with similar security updates. There was, in fact, a man-in-the-middle attack against Gmail users; an attack which undermined the security in all browsers, an attack that had devastating consequences.