|
|
Stolen SSL Certificates
|
|
|
|
Posting Junkie
Join Date: Mar 2004
Location: UK
Status:
Offline
|
|
I guess this thread is a public service announcement. Apologies if I missed it somewhere else but it doesn't seem to have gotten all that much publicity.
Hackers recently stole up to 200 SSL certs from diginotar.nl that could allow them to spoof sites which your computers will recognise as legit since they have the genuine certs. Supposedly they are only using them to spy on peoples gmail in Iran but that doesn't mean they will stop there or that they won't sell them on.
Anyway, here are the instructions to make your Macs safe since Apple probably won't issue a fix with any kind of urgency:
Protecting Your Mac From the DigiNotar.nl Certificate Compromise — ps Enable
|
I have plenty of more important things to do, if only I could bring myself to do them....
|
|
|
|
|
|
|
|
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
Good initative. I think I'll sticky this for a while, and we can remove it when the update is released.
|
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
|
|
|
|
|
|
|
|
Moderator
Join Date: Aug 2001
Location: Nobletucky
Status:
Offline
|
|
I've been following this since I first read about it at Ars Technica. THis is the first time, though, that I've seen any mention of downloading and installing intermediate certificates for DigiNotar. The fixes on all browsers have simply been to just delete the DigiNotar certs.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Perhaps a quick step-by-step lesson on removing certificates would be helpful; I can't figure that out, though I've managed to "un-trust" the one instance of a DigiNotar certificate I have on my system.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Moderator
Join Date: Aug 2001
Location: Nobletucky
Status:
Offline
|
|
Glenn, to remove the DigiNotar cert using Keychain Access, simply highlight the DigiNotar cert and hit "Delete" on your keyboard.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
That didn't work when I tried it. It don't ask me to authenticate, it just made that lovely "clunk" sound that says "your action was not successful/appropriate/etc."
Should I log in as Admin, or is there something else to try?
And what about certificates on iOS devices? This is now scary...
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
I was able to kill it in the System keychain, but not in the System Roots chain, where I spent quite a while trying different ways of deleting contents...
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Moderator
Join Date: Aug 2001
Location: Nobletucky
Status:
Offline
|
|
Weird.
When I killed it in Keychain Access, I just did a search for "diginotar", highlighted it, hit delete, entered my admin credentials, and *poof* it was gone.
|
|
|
|
|
|
|
|
|
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
This was actually not straightforward, so here is how I did it.
1) Open Keychain Access
2) In the searchbox, type "diginotar"
3) This should show two certificates. Select each in turn, press delete and the certificate should disappear after you enter the admin password.
Finding it in the long list in System Root doesn't let you delete it, for some reason, but if you delete it this way, it will go away.
|
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Very weird. I followed P's instructions and killed it dead. I only had one such cert though. Nothing else came up in the search.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
The latest Mac OS X security update (2011-005) for Lion and Snow Leopard resolves this issue. The instructions are still valid for previous OSes, but for all others, I recommend that you run software update instead.
|
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Feb 2005
Status:
Offline
|
|
I had a similar problem when I tried deleting the cert.
Apparently, you must search for the cert and delete it from the search results. Manually locating it and using delete won't work.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|