Ask not for whom the bell tolls... On Tue, Sep 6, 2011 at 20:10, Rene de Haas <[email protected]> wrote:
> *"UPDATE Tues Sept 6, 14:30 GMT* : The alleged attacker of DigiNotar has > posted an update on PasteBin. He claims that he has access to four other > Certificate Authorities, and he names two of them: StartCom and GlobalSign." > Need to see if this is true of course, bit this could end up even > bigger.... > On Tue, Sep 6, 2011 at 11:09 PM, Andrew S. Baker <[email protected]>wrote: > >> Hi Tim, >> >> Perhaps you should say, "former CA" >> >> They'll be dead before the paint dries on this investigation. >> >> BTW, this is one reason why I never buy it that any particular vendor is >> likely to be secure or robust or whatever because of the line of business >> they're in. Just because they're a bank, hospital, security vendor, CA, >> etc, doesn't mean that they're doing all the right things. >> >> DigiNotar had every reason (except short-term profits) to pursue an >> effective security strategy, but didn't. And now their profits have ended, >> too... >> >> * * >> >> *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of >> Technology for the SMB market… >> >> * >> >> >> >> On Tue, Sep 6, 2011 at 4:01 PM, Tim Evans <[email protected]> wrote: >> >>> If this is true, I find this absolutely unacceptable that a commercial CA >>> would run a system like this. Incredible**** >>> >>> ** ** >>> >>> >>> http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network >>> **** >>> >>> ** ** >>> >>> ** ** >>> >>> Tim Evans >>> *Associate, Information Technology Manager* >>> >>> *S P A R L I N G* >>> >>> (206) 667-0509*—Direct >>> *(206) 391-8004*—**Mobile >>> **www.sparling.com***** >>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
