DigiNotar (and Potentially Many Iranians) Suffers Death by Microsoft

Dr. Roy Schestowitz

2011-09-21 17:23:14 UTC
Modified: 2011-09-21 17:23:14 UTC

Christ

Summary: Bankruptcy for a Dutch company that relied on Microsoft products while providing security/encryption services

A few weeks ago we wrote about DigiNotar, noting that Windows dependence caused a huge mess. DigiNotar has just died based on reports that say it filed for bankruptcy in The Netherlands. This not only cost a lot to other companies (and their reputation) but it also compromised the identity and activity of ~300,000 Iranian internet users, potentially leading to the death of some. The crack was caused by Cain and Abel, which according to Wikipedia is "a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks."

"Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there."There is another incident worthy of being mentioned. Incidentally, on the face of it, "If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message," writes The Register. Apple+Microsoft Skype (proprietary)=insecurity.

This other new report from the same source says that "Apple has dropped a couple of monumental password security clangers with the release on OS X Lion, according to security blogger Patrick Dunstan."

Hey, at least it's shiny. Proprietary software hides code and also hides the weaknesses, which doesn't mean they are not still there. ⬆

Comments

twitter

2011-09-21 18:29:28

Pogson reports Apple's authentication changes have created gaping holes.

Every surrender of rights makes people less secure. In the non free world, "security" means protecting big companies from users not random malice and exploitation. Non free software, like prison, does not trade liberty for security and people who use it are always at the mercy of the software's owners.

Recent Techrights' Posts

Computers Got Smaller, So GNU/Linux Got Bigger: Many people here recognise the lack of urgency (or need) to get expensive new laptops
GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It: Microsoft is - and has long been - organised crime
They Say I'm Mr. Bombastic: They didn't take good lawyers
Links 09/06/2025: Science, Hardware Projects, and Democracy Receding: Links for the day
BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore: SS Fagioli is basically a parasite leeching off or exploiting other people's work
Links 09/06/2025: Chaos in Los Angeles and Hurricane Season: Links for the day
Links 09/06/2025: Windows TCO and Many Data Breaches: Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO: it's like a money-laundering operation where one politician rewards another at taxpayers' expense
Gemini Links 09/06/2025: Pipelines and Splitgate: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, June 08, 2025: IRC logs for Sunday, June 08, 2025
Links 08/06/2025: Tiananmen Carnage Censorship Persists, North Korean Goes Offline: Links for the day
Gemini Links 08/06/2025: Love as an Ethnographic Method and Monitorix Gemini-Frontend v0.1: Links for the day
Links 08/06/2025: Exposure of More GAFAM Surveillance and Social Security Records Compromised: Links for the day
Linux Foundation is a Mediator for Microsoft et al, Not for Small Companies That Support Rather Than Attack the GPL: Many people still wrongly assume that because it is called "Linux Foundation", then it is pro-Linux and represents the same mindset
This Past Friday, Confirming What We Said All Along About Brett Wilson LLP: It's Shrinking, Has Considerable Debt, Loss of Net Assets Despite the Microsoft SLAPP Money: The documents only became publicly available less than 2 days ago
Some of the Many Reasons We Sued Microsofters for Harassment: perpetrators of harassment
For 20 Years Many People Were Sharecropping for Canonical's Oligarch, Now He's Deleting All Their Contributions: "Ubuntu has erased instead of archiving the trove of material at Ubuntu Forums"
There Was Always Too Much 'Crazy Stuff' Going on Around Freenode: What many IRC users lost sight of
Exposing Crime is Not a Crime (It Never Was): In the eyes of rich and powerful people, those who speak about their crimes are the "criminals"
GNU/Linux Distros Abandoning Microsoft GitHub: Will curl be next to leave Microsoft GitHub?
Expect More XBox Mass Layoffs Soon If the Rumours Are True: From a Microsoft media operative
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, June 07, 2025: IRC logs for Saturday, June 07, 2025
Europe Needs to Move Away From GAFAM; The Sooner, the Better: Europe - not just the EU - must abandon GAFAM as soon as possible
The Issue Isn't GNOME's Promotion of Diversity But GNOME Corruption, Abuse, Censorship, and Worse: So-called "Conservative" (republican, pro-Trump, bigoted) people want you to think the problem with GNOME is politics
When the News Sources Become Scarce and Increasingly Full of Polluted/Contaminated 'Content' (With LLM Slop and Slop Images): Integrity matters
"Linux" Sites That Spew Out LLM Slop: We're lacking enough material for another "Slopwatch"
Abuse Inside the Polish Patent Office (UPRP) - Part V: Breaking the Law, Just Like EPO: We'll hopefully cover some of the pertinent details later this year
Links 08/06/2025: Security Lapses, CISA Cuts, and More: Links for the day
Gemini Links 07/06/2025: Mime Types and Geminisphere Introduction: Links for the day
Links 07/06/2025: Slop Companies Retain All Private Data, More Books Banned in the US: Links for the day
Gemini Links 07/06/2025: "A Monk's Guide to Happiness" and "Wireless Earbuds": Links for the day
Links 07/06/2025: More Rumours of Mass Layoffs in Microsoft's XBox Division, New COVID Variant: Links for the day
Drug Addiction is a Real Problem, It Destroys Families: a rather sensitive matter
Abuse Inside the Polish Patent Office (UPRP) - Part IV: Political Scrutiny and Errors/Inconsistencies in Official Documents: When such organisations receive scrutiny they start focusing on cover-up and muzzling of facts (or crushing people who say the truth)
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, June 06, 2025: IRC logs for Friday, June 06, 2025