The break-in and theft of security certificates from a Dutch authority brought home, once again, how vulnerable Web browsers can be to hackers pretending to be who they’re not.
The authority, DigiNotar, is one of many that issue security certificates for websites. The digital certificates tell a browser to “trust” content coming from a certain site. Certificates for such sites are preloaded into most browsers. If something goes awry at the certificate issuing authority, browser makers usually need to patch their products to address the problem. That can open a window of opportunity for certificate thieves.
The Swift Erosion of Online Trust
Posted by: John P. Mello Jr. September 13, 2011 05:00 AMThe break-in and theft of security certificates from a Dutch authority brought home, once again, how vulnerable Web browsers can be to hackers pretending to be who they’re not.
The authority, DigiNotar, is one of many that issue security certificates for websites. The digital certificates tell a browser to “trust” content coming from a certain site. Certificates for such sites are preloaded into most browsers. If something goes awry at the certificate issuing authority, browser makers usually need to patch their products to address the problem. That can open a window of opportunity for certificate thieves.