Gmail is under attack again. But this time Google is not pointing fingers at China, and Mozilla and Microsoft are getting in on the security measures.
Here's the back story: Google on Monday received reports of attempted SSL man-in-the-middle, or MITM, attacks against users of its products. Specifically, someone tried to get between Google users and encrypted Google services.
"The people affected were primarily located in Iran," Google said in a blog post. "The attacker used a fraudulent SSL certificate issued by DigiNotar, a root-certificate authority that should not issue certificates for Google (and has since revoked it)."
Browser Developers Scramble
Google was quick to point out that Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate. Google pointed to new Chromium security features it rolled out in June as a successful preventive measure.
"To further protect the safety and privacy of our users, we plan to disable the DigiNotar certificate authority in Chrome while investigations continue," Google said. "To help deter unwanted surveillance, we recommend that users, especially those in Iran, keep their web browsers and operating systems up to date and pay attention to web browser security warnings."
Mozilla also moved quickly to protect Firefox users. Because the extent of the mis-issuance is not clear, Mozilla said it plans to release new versions of Firefox for desktop and mobile, Thunderbird, and Seamonkey and will shortly after that revoke trust in the DigiNotar root to protect users from the attack.
Meanwhile, Microsoft released Security Advisory 3607712 to address at least one fraudulent digital certificate DigiNotar issued.
"This is not a Microsoft security vulnerability; however, the certificate potentially affects Internet users attempting to access web sites belonging to Google," said Dave Forstrom, director of Trustworthy Computing at the Microsoft Security Response Center. "A fraudulent certificate may be used to spoof web content, perform phishing attacks or perform man-in-the-middle attacks against end users."
Should You Be Worried?
So how common is this type of attack in the grand scheme of security threats?
"Successful attacks against certificate authorities are rare, but we have seen two incidents in less than a year," said Chester Wisniewski, a senior security adviser at Sophos Canada. "This may indicate more interest by attackers in acquiring access to confidential communications."
These attacks may be rare ? and may be occurring more often. But they also are dangerous. That, Wisniewski said, is because there is no easy way for end-users to know their traffic is being intercepted. When a fraudulent SSL certificate is used by an attacker, he said, it is totally transparent.
"It is difficult to know who created these fraudulent certificates and we do not know how they were used," Wisniewski said. "The initial report came from a user in Iran who was using Google's Chrome browser which is configured to only accept specific certificates for Google.com, which was one of the bogus ones being used against this user."
Source: http://us.rd.yahoo.com/dailynews/rss/linux/*http%3A//news.yahoo.com/s/nf/20110830/bs_nf/79994
amoeba georgetown david letterman anderson cooper christine o donnell israel news mac miller
কোন মন্তব্য নেই:
একটি মন্তব্য পোস্ট করুন