Flaw could have let attackers steal passwords and data from apparently secure connections to Google sites such as Gmail
Security researchers are warning a web certificate is being used that could let hackers steal passwords and data from apparently secure connections to Google sites such as Gmail.
Internet users in Iran are believed to be at particular risk from the rogue SSL certificate, which is used to digitally "sign" HTTPS connections to any google.com site and was issued by a Dutch company called DigiNotar on 10 July. In particular, dissidents who trust Google's systems for their security may have been targeted in the attack.
DigiNotar – which does not have any direct business relationship with Google – has not said who the certificate was issued to, but the effect would be that someone could think they were logged securely into a site and that their communication would be encrypted; but instead attackers controlling the network could eavesdrop on all their keystrokes, including passwords. This is known as a "man in the middle"... >>>
Person | About | Day |
---|---|---|
نسرین ستوده: زندانی روز | Dec 04 | |
Saeed Malekpour: Prisoner of the day | Lawyer says death sentence suspended | Dec 03 |
Majid Tavakoli: Prisoner of the day | Iterview with mother | Dec 02 |
احسان نراقی: جامعه شناس و نویسنده ۱۳۰۵-۱۳۹۱ | Dec 02 | |
Nasrin Sotoudeh: Prisoner of the day | 46 days on hunger strike | Dec 01 |
Nasrin Sotoudeh: Graffiti | In Barcelona | Nov 30 |
گوهر عشقی: مادر ستار بهشتی | Nov 30 | |
Abdollah Momeni: Prisoner of the day | Activist denied leave and family visits for 1.5 years | Nov 30 |
محمد کلالی: یکی از حمله کنندگان به سفارت ایران در برلین | Nov 29 | |
Habibollah Golparipour: Prisoner of the day | Kurdish Activist on Death Row | Nov 28 |