http://www.h-online.com/security/news/item/The-story-of-a-crime-notes-on-the-DigiNotar-break-in-1742025.html
The security specialists at Fox-IT have released a 101-page report that almost reads like a whodunit story. The subject is the break-in at Dutch certificate authority (CA) DigiNotar, which Fox-IT has been in charge of investigating. Last year, a clever hacker managed to break into DigiNotar's infrastructure over the internet and issue large numbers of SSL certificates for important domains like google.com, microsoft.com and skype.com. It became clear that the hacker was not doing it just for kicks when one of the Google certificates they had issued was used to spy on a large number of Iranian internet users. The report says that the attacker stored the break-in tools in the publically accessible directory http://www.diginotar.nl/beurs on the DigiNotar web server and then gained access from a number of different systems in the CA's network. ... _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
