DigiNotar (and Potentially Many Iranians) Suffers Death by Microsoft

Dr. Roy Schestowitz

2011-09-21 17:23:14 UTC
Modified: 2011-09-21 17:23:14 UTC

Christ

Summary: Bankruptcy for a Dutch company that relied on Microsoft products while providing security/encryption services

A few weeks ago we wrote about DigiNotar, noting that Windows dependence caused a huge mess. DigiNotar has just died based on reports that say it filed for bankruptcy in The Netherlands. This not only cost a lot to other companies (and their reputation) but it also compromised the identity and activity of ~300,000 Iranian internet users, potentially leading to the death of some. The crack was caused by Cain and Abel, which according to Wikipedia is "a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks."

"Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there."There is another incident worthy of being mentioned. Incidentally, on the face of it, "If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message," writes The Register. Apple+Microsoft Skype (proprietary)=insecurity.

This other new report from the same source says that "Apple has dropped a couple of monumental password security clangers with the release on OS X Lion, according to security blogger Patrick Dunstan."

Hey, at least it's shiny. Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there. ⬆

Comments

twitter

2011-09-21 18:29:28

Pogson reports Apple's authentication changes have created gaping holes.

Every surrender of rights makes people less secure. In the non free world, "security" means protecting big companies from users not random malice and exploitation. Non free software, like prison, does not trade liberty for security and people who use it are always at the mercy of the software's owners.

Recent Techrights' Posts

Slopwatch: Another Day, Another Slopfest, LLM Slop Scrapers Slow Down Our Site: We too have some slop issues; this past day this site and the sister site had to answer about 2.5 million requests (not counting Gemini Protocol) and it's slowing things down for everybody
Abuse Inside the Polish Patent Office (UPRP) - Part IX: Minimum Wages For You (Experienced Scientist), Alicante/EU Paydays For Me (Unproductive, Corrupt Official): Does UPRP maladministration extend to the false belief that qualified and experienced scientists can play the role of circus clowns?
IBM's CEO Roasted, Sizzled and Grilled for Dumb and Inconsistent Vapourware Promises: It looks like being a chronic liar is what it takes to lead the company once synonymous with computing
Who Imitates Who? Plagiarist as Client (From Microsoft), 'Plagiarism' at the Law Firm?: let's revisit the subject
Politics Will Impact Software Choices: Will those systems respect users' freedom?
EPO: Neglecting Children to Promote American Monopolies by Shielding Them From European Competition: Yesterday the Central Staff Committee at the EPO spoke about another "reform" at the Office
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 11, 2025: IRC logs for Wednesday, June 11, 2025
Links 11/06/2025: More Vulnerabilities Found in 'Smart' Phones, China Extends Reach in the Pacific: Links for the day
Gemini Links 11/06/2025: Grain and Steam Next Fest: Links for the day
Links 11/06/2025: "Quantum" Hype From IBM, US Closer to Martial Law, and “The Nation” Celebrates Milestone: Links for the day
IBM's Goal Is Not (and Never Was) Computer Users' Freedom: More than 1.5 decades ago I found IBM to be an "ally of convenience" because of OpenDocument Format (ODF)
Wayland Shows the IBM/Red Hat Way of Doing Things: IBM is trying to 'kill' X
GitHub is Proprietary, Controlled by Microsoft, and GPL Violation Warehouse: "IRS tax filing software [will be] released to the people as free software" ... In general this is good news
Slopfarm Catastrophe: Seems like BetaNews (or BetaNoise) has just suffered a major data loss and restored the site from a week-old backup
Abuse Inside the Polish Patent Office (UPRP) - Part VIII: Illegal Working Conditions: How many people need to die for these people to get their massive salaries?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 10, 2025: IRC logs for Tuesday, June 10, 2025
Links 10/06/2025: Apple Hype and Physical Attacks on Bloggers: Links for the day
Gemini Links 10/06/2025: Loon Lake, Farming, and Forth: Links for the day
Links 10/06/2025: Jaws at 50 and US Democracy Crushed Very Rapidly (Martial Law Seems Imminent): Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VII: Washing Their Hands After Corruption and Abuse: "Tragedy or comedy?"
Culling Bad RSS Feeds of Bad Sites: Not throwing out the baby with the bathwater
If 'Microsoft v Techrights' is Dealt With by a 'Microsoft Court' (or a Court Outsourced to Microsoft): More on that later
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, June 09, 2025: IRC logs for Monday, June 09, 2025
Gemini Protocol Turns Six in 10 Days From Now: If you haven't tried it yet, then give it a go today
Live as You Preach: technology is fast becoming dysphoric