Stories
Slash Boxes
Comments

SoylentNews is people

Mozilla Fears DarkMatter 'Misuse' Of Browser For Hacking

posted by Fnord666 on Wednesday March 06 2019, @09:44AM   Printer-friendly
from the judge-jury-and-executioner dept.

Arthur T Knackerbracket has found the following story:

Firefox browser-maker Mozilla is considering whether to block cybersecurity company DarkMatter from serving as one of its internet security gatekeepers after a Reuters report linked the United Arab Emirates-based firm to a cyber espionage program.

Reuters reported in January that DarkMatter provided staff for a secret hacking operation, codenamed Project Raven, on behalf of an Emirati intelligence agency. The unit was largely comprised of former U.S. intelligence officials who conducted offensive cyber operations for the UAE government.

Former Raven operatives told Reuters that many DarkMatter executives were unaware of the secretive program, which operated from a converted Abu Dhabi mansion away from DarkMatter’s headquarters.

Those operations included hacking into the internet accounts of human rights activists, journalists and officials from rival governments, Reuters found. DarkMatter has denied conducting the operations and says it focuses on protecting computer networks.

[...] DarkMatter has been pushing Mozilla for full authority to grant certifications since 2017, the browser maker told Reuters. That would take it to a new level, making it one of fewer than 60 core gatekeepers for the hundreds of millions of Firefox users around the world.

[Selena] Deckelmann said Mozilla is worried that DarkMatter could use the authority to issue certificates to hackers impersonating real websites, like banks.

As a certification authority, DarkMatter would be partially responsible for encryption between websites they approve and their users.

In the wrong hands, the certification role could allow the interception of encrypted web traffic, security experts say.

In the past Mozilla has relied exclusively on technical issues when deciding whether to trust a company with certification authority.

The Reuters investigation has led it to reconsider its policy for approving applicants. “You look at the facts of the matter, the sources that came out, it’s a compelling case,” said Deckelmann.

Previously: Surveillance Firm Asks Mozilla to be Included in Firefox's Certificate Whitelist

Original Submission

 
This discussion has been archived. No new comments can be posted.
Mozilla Fears DarkMatter 'Misuse' Of Browser For Hacking | Log In/Create an Account | Top | 7 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Interesting) by aiwarrior on Wednesday March 06 2019, @12:50PM

    by aiwarrior (1812) on Wednesday March 06 2019, @12:50PM (#810684) Journal

    Giving the certificates pass would be absolutely ridiculous. It's like: "Oh a hitman wants to buy a gun", hmmm he never killed the gun salesman before so it is ok.

    Starting Score:    1  point
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4