Episode
Ep 3: DigiNotar, You are the Weakest Link, Good Bye!
27:44
Published: Sun Oct 01 2017
Description
The 2011 DigiNotar breach changed the way browsers do security. In this episode, we learn what role a CA plays, how browsers work with CAs, and what happens when a CA is breached. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Chapters
Brave's browser uses advanced features while protecting user privacy.
00:00 - 01:55 (01:55)
Summary
Brave's browser uses advanced features while protecting user privacy. Google released an emergency patch to Chrome after a security warning about a potential man-in-the-middle attack, in response to a question from a Brave user on their forums.
EpisodeEp 3: DigiNotar, You are the Weakest Link, Good Bye!
PodcastDarknet Diaries
The certificate system is crucial to the secure connection ability of the internet.
01:55 - 09:39 (07:44)
Summary
The certificate system is crucial to the secure connection ability of the internet. Root certificates are used as verification and help ensure that data is not tampered with or viewed by outsiders. It is important for companies to work with browsers to be added to the root store as a certificate authority.
EpisodeEp 3: DigiNotar, You are the Weakest Link, Good Bye!
PodcastDarknet Diaries
The DigiNotar hack occurred when attackers were able to create fake certificates, thus allowing them to create fake Gmail or Google websites that look authentically legitimate.
09:39 - 19:46 (10:06)
Summary
The DigiNotar hack occurred when attackers were able to create fake certificates, thus allowing them to create fake Gmail or Google websites that look authentically legitimate. The attackers were likely able to flood local DNS servers with messages, allowing them to convince browsers to stop trusting the attackers’ target certificates.
EpisodeEp 3: DigiNotar, You are the Weakest Link, Good Bye!
PodcastDarknet Diaries
The recent cyberattack on the US government's National Research Council of Canada appears to have potentially been orchestrated by the Iranian government or someone aiding them, based on a message that appeared during the attack.
19:46 - 25:01 (05:14)
Summary
The recent cyberattack on the US government's National Research Council of Canada appears to have potentially been orchestrated by the Iranian government or someone aiding them, based on a message that appeared during the attack. DRADA is highlighted as a cloud compliance software that can automate and streamline compliance for various security frameworks and controls.
EpisodeEp 3: DigiNotar, You are the Weakest Link, Good Bye!
PodcastDarknet Diaries
OneCRL is a system developed by Mozilla for emergency revocation of individual or group certificates within 24 hours, ensuring Firefox users no longer trust those certificates.
25:01 - 27:46 (02:45)
Summary
OneCRL is a system developed by Mozilla for emergency revocation of individual or group certificates within 24 hours, ensuring Firefox users no longer trust those certificates. The system can be used to combat security threats efficiently.