Hacker News new | past | comments | ask | show | jobs | submit login

> They issued fraudulent SSL certificates in 2011: https://www.schneier.com/blog/archives/2011/03/comodo_group_...

Moxie had an amusing anecdote about this incident in his Blackhat 2011 talk "SSL and the future of authenticity"[0]. Apparently the same IP as was used by the "sophisticated attacker" and disclosed by Comodo downloaded sslsniff[1] from moxies server the next day, referred by a video tutorial about intercepting SSL..

0: https://youtu.be/Z7Wl2FW2TcA?t=5m

1: https://moxie.org/software/sslsniff/




Thanks, this video really made my day! :) I guess I won't be buying certificates from Comodo anytime soon.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: