Ah but maybe the lawsuits are about to start. Even the Dutch government is now pulling the plug on their Certs. Since DigiNotar has been closed mouthed about the extent of the hack and even may have mislead people as to not only the extent of the hack but the probable start date for the initial hack I would hope the rest of their business including the digital signature business would go away as well. I wonder since they say that root was save and secure if it really was and how many documents got a forged digital signature.
Jon Harris On Tue, Sep 6, 2011 at 5:09 PM, Andrew S. Baker <[email protected]> wrote: > Hi Tim, > > Perhaps you should say, "former CA" > > They'll be dead before the paint dries on this investigation. > > BTW, this is one reason why I never buy it that any particular vendor is > likely to be secure or robust or whatever because of the line of business > they're in. Just because they're a bank, hospital, security vendor, CA, > etc, doesn't mean that they're doing all the right things. > > DigiNotar had every reason (except short-term profits) to pursue an > effective security strategy, but didn't. And now their profits have ended, > too... > > * * > > *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of > Technology for the SMB market… > > * > > > > On Tue, Sep 6, 2011 at 4:01 PM, Tim Evans <[email protected]> wrote: > >> If this is true, I find this absolutely unacceptable that a commercial CA >> would run a system like this. Incredible**** >> >> ** ** >> >> >> http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network >> **** >> >> ** ** >> >> ** ** >> >> Tim Evans >> *Associate, Information Technology Manager* >> >> *S P A R L I N G* >> >> (206) 667-0509*—Direct >> *(206) 391-8004*—**Mobile >> **www.sparling.com***** >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
