DigiNotar (and Potentially Many Iranians) Suffers Death by Microsoft

Dr. Roy Schestowitz

2011-09-21 17:23:14 UTC
Modified: 2011-09-21 17:23:14 UTC

Christ

Summary: Bankruptcy for a Dutch company that relied on Microsoft products while providing security/encryption services

A few weeks ago we wrote about DigiNotar, noting that Windows dependence caused a huge mess. DigiNotar has just died based on reports that say it filed for bankruptcy in The Netherlands. This not only cost a lot to other companies (and their reputation) but it also compromised the identity and activity of ~300,000 Iranian internet users, potentially leading to the death of some. The crack was caused by Cain and Abel, which according to Wikipedia is "a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks."

"Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there."There is another incident worthy of being mentioned. Incidentally, on the face of it, "If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message," writes The Register. Apple+Microsoft Skype (proprietary)=insecurity.

This other new report from the same source says that "Apple has dropped a couple of monumental password security clangers with the release on OS X Lion, according to security blogger Patrick Dunstan."

Hey, at least it's shiny. Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there. ⬆

Comments

twitter

2011-09-21 18:29:28

Pogson reports Apple's authentication changes have created gaping holes.

Every surrender of rights makes people less secure. In the non free world, "security" means protecting big companies from users not random malice and exploitation. Non free software, like prison, does not trade liberty for security and people who use it are always at the mercy of the software's owners.

Recent Techrights' Posts

Microsoft's Debt Has Skyrocketed by More Than 15 Billion Dollars in 6 Months or 8.2 Billion Dollars in the Past 3 Months Alone: The corporate media intentionally disregards - or merely turns a blind eye to - such data
Rumour: IBM Layoffs in Canada Starting Tomorrow: "RA (IBM's term for layoffs) Coming to Canada this week (Nov 3rd)"
Debunking False/Misleading Statements Made or Told to the High Court: People who try to cheat the system by gaslighting judges will end up discrediting themselves
Fear, Uncertainty, Doubt (FUD) by LLM Slop: The Web has become such a sordid mess that this FUD made by bots is what Google News deems to be "the news"
This Month's Analytics Show Vista 11 Down, GNU/Linux Up: After pulling the plug on Vista 10 we see losses - not gains - for Vista 11
Almost Fully Caught Up: The EPO series will continue very soon, maybe tomorrow or on Tuesday
Links 02/11/2025: Another Halloween Bust and MAGA Regime Says Public Universities Should No Longer Hire 'Foreign' Employees: Links for the day
The Long-Coveted Milestone of 3,200 Active Gemini Capsules: Despite being away some days last week, about 50,000 Gemini requests were served each day, on average
Five More Days Till Techrights Party: We'll have many more batches of Daily Links as we catch up with a 'backlog' of news
Links 02/11/2025: More Nuclear Escalations and "Anti-Cybercrime Laws Are Being Weaponized to Repress Journalism": Links for the day
Gemini Links 02/11/2025: "The Pragmatic Programmer", Perl New Features and Foostats: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, November 01, 2025: IRC logs for Saturday, November 01, 2025
Linux.com is Becoming Microsoft: They took a once-reputable site with a vast audience and turned it into a pile of trash
Microsoft Lunduke: People Pointing Out I'm a Bigot is a Badge of Honour: It's almost as if he openly admits being a troll and is proud of it
Oracle's Debt Continues Rising to All-Time Highs, The "Slop Bubble" is a Smokescreen for Larry Ellison: wishful-thinking bubble waiting to implode completely
News on the Web is Becoming Rare, Shallow, and Difficult to Find: To efficiently and rapidly find original and important news without underlying comprehension/understanding of the news (and its context) is a hard task
Slopwatch: Linux Journal, Serial Slopper, WebProNews, and More: getting back into the habit
The Cocaine Patent Office - Part III: European Patent Office Officials Cannot Claim False Identification: Corroborating with other sources is always desirable if possible. We shall do so later in this series.
Facebook's Debt Leaps to Over 51 Billion Dollars: A lot of this is a bubble, aside from the bubble the media irresponsibly dubs "AI"
Still Catching Up, Daily Links a Top Priority: Readers who have additional information about the EPO can send it along to us
3 Days Ago Over at Tux Machines...: GNU/Linux news
Links 01/11/2025: "Americans Are Defaulting on Car Loans at an Alarming Rate" While Many Left to Starve (SNAP): Links for the day
Gemini Links 01/11/2025: FIFO and Gemini Age Survey: Links for the day
Why Does German Media Protect the EPO From Accountability for Cocaine?: Can we trust such media to properly inform the public?
Most of This Month Will Deal With EPO Scandals: A timeline of sorts
Links 01/11/2025: Microsoft Azure Goes Offline Again: Links for the day
Links 01/11/2025: Microsoft Distributes Malware Again, Radio Free Asia Shut Down by Dictator: Links for the day
November is Here, Anniversary Party This Coming Friday: Expect this site to return to its normal publication pace either by tomorrow or Monday
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, October 31, 2025: IRC logs for Friday, October 31, 2025
Gemini Links 01/11/2025: Synergetic Disinformation and Software Maintenance: Links for the day
IRC Proceedings: Thursday, October 30, 2025: IRC logs for Thursday, October 30, 2025
IRC Proceedings: Wednesday, October 29, 2025: IRC logs for Wednesday, October 29, 2025