Re: [cryptography] Another CA hacked, it seems.
On Thu, Dec 8, 2011 at 11:07 PM, Peter Gutmann wrote:
> Ralph Holz writes:
>
>>As I said, at this rate we shall have statistically meaningful large
>>numbers of CA hacks by 2013:
>
> KPN is claiming there's nothing to worry about, please move along:
>
> http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fforum.kpn.com%2Ft5%2FNews-stream%2FUPDATE-11-30-KPN-sluit-tijdelijk-website-Gemnet%2Fba-p%2F8477

http://www.h-online.com/security/news/item/Dutch-PKI-provider-s-web-site-security-breach-under-investigation-1392605.html:

The web site of Gemnet, subsidiary of KPN and provider of PKI certificates to the Dutch government, succumbed to a hacker's attack according to Webwereld reports. It appears that the attackers gained access to a database on the server managed by a PHPMyAdmin instance which was not protected by a password. The attacker then used this web access to get to the database without a password. The company was informed that it was leaking information on Wednesday night and has been taken off the air by parent company KPN, who then launched an investigation...

It also added that Gemnet does not issue digital certificates. Gemnet CSP, a separate company that does issue certificates for the Dutch government was also taken offline following the discovery of the attack...

It's interesting that Gemnet CSP was taken offline. It raises suspicion.

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Another CA hacked, it seems.
[ attaching to this thread as seemingly appropriate ]

Current issue of IEEE Computer (v44 n12) has

    The Undermining of Digital Certificates
    Neal Leavitt

where the author is the principal in "a fully integrated advertising, marketing, and public relations company," which I underline insofar as it demonstrates that doubts about the certificate system are not confined to folks like us on this list.

--dan
Re: [cryptography] Another CA hacked, it seems.
Ralph Holz writes:

>As I said, at this rate we shall have statistically meaningful large
>numbers of CA hacks by 2013:

KPN is claiming there's nothing to worry about, please move along:

http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fforum.kpn.com%2Ft5%2FNews-stream%2FUPDATE-11-30-KPN-sluit-tijdelijk-website-Gemnet%2Fba-p%2F8477

Peter.
Re: [cryptography] Another CA hacked, it seems.
Hi,

> Did they successfully hack the CA functionality or just a web site housing
> network design documents for various Dutch government entities? From what
> survives Google Translate of the original Dutch it appears to be the latter
> no?

Too early for a definite call. But there is also this report that 1,000 certs have been revoked in the past 2-3 months.

http://translate.google.com/translate?hl=nl&sl=nl&tl=en&u=http%3A%2F%2Fwebwereld.nl%2Fnieuws%2F108829%2Fspoeddebat-over-ingetrokken-kpn-certificaten-.html

Might also be some routine revocation for replaced certs, though; reasons are not given it seems.

> And if Kerckhoffs's principle was followed what does it matter if some
> network design docs were leaked. You would hope they don't contain router
> passwords or such things.

Yes, with respect to the hope part. Although, personally, I wouldn't dream of running phpmyadmin if I were a CA.

> I'd hesitate calling that a "CA hacked" even if the web site was a web site
> belonging to someone who operates a CA.
> Is there more detail?

Not yet, I think. So let's not call it "hacked", if you want, but just "seriously embarrassed". And I keep looking over towards the popcorn, tea & biscuits stand. :-)

Ralph

--
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Re: [cryptography] Another CA hacked, it seems.
On 9/12/11 01:46 AM, Adam Back wrote:
> I'd hesitate calling that a "CA hacked" even if the web site was a web site
> belonging to someone who operates a CA.

My question is whether the website / database had subscriber information on it. That's a CA hack, albeit more a privacy hack than a crypto-system hack. I'm presuming it did but the article doesn't seem to say.

> Is there more detail?

+1

iang

> http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwebwereld.nl%2Fnieuws%2F108815%2Fweer-certificatenleverancier-overheid-gehackt.html&act=url
Re: [cryptography] Another CA hacked, it seems.
Did they successfully hack the CA functionality or just a web site housing network design documents for various Dutch government entities? From what survives Google Translate of the original Dutch it appears to be the latter no?

And if Kerckhoffs's principle was followed what does it matter if some network design docs were leaked. You would hope they don't contain router passwords or such things.

I'd hesitate calling that a "CA hacked" even if the web site was a web site belonging to someone who operates a CA.

Is there more detail?

Adam

On Thu, Dec 08, 2011 at 03:26:08PM +0100, Ralph Holz wrote:
> As I said, at this rate we shall have statistically meaningful large
> numbers of CA hacks by 2013:
>
> http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwebwereld.nl%2Fnieuws%2F108815%2Fweer-certificatenleverancier-overheid-gehackt.html&act=url
>
> Ralph
[cryptography] Another CA hacked, it seems.
As I said, at this rate we shall have statistically meaningful large numbers of CA hacks by 2013:

http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwebwereld.nl%2Fnieuws%2F108815%2Fweer-certificatenleverancier-overheid-gehackt.html&act=url

Ralph

--
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/