Stories
Slash Boxes
Comments

SoylentNews is people

Privdog is Superfish All Over Again

posted by janrinok on Tuesday February 24 2015, @04:13AM   Printer-friendly
from the despair dept.

The Mighty Buzzard writes:

Yeah, sometimes people just make some astoundingly bad decisions.

Privdog has been designed to block certain trackers and advertisement from showing up while you browse the Internet. It blocks all advertisement that is not hosted directly on the domain you are visiting and replaces it with AdTrustMedia advertisement.

What's worse however is the fact that it installs a certificate on the system as well. While it does not share the same key on all installations, it has an arguably even bigger flaw than that: it intercepts all certificates and replaces them with one signed by its own root key.

All in this regard means valid and invalid certificates which in turn means that the browser you are using accepts any certificate regardless of whether it is valid or not.

I have no words for this incredible level of stupidity.

 
This discussion has been archived. No new comments can be posted.
Privdog is Superfish All Over Again | Log In/Create an Account | Top | 36 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Interesting) by kaszz on Tuesday February 24 2015, @05:54AM

    by kaszz (4211) on Tuesday February 24 2015, @05:54AM (#148955) Journal

    Interesting tweet from that "KingTherapy"..

    @howtogeek @SwiftOnSecurity @cryptostorm_is Apple now includes US & CN Government MITM Roots in 214 Trusted CA's!
    http://zitseng.com/archives/7489 [zitseng.com]

    COMODO Certification Authority - Never trust [twimg.com]
    DoD CLASS 3 Root CA [twimg.com]

    @howtogeek @SwiftOnSecurity @cryptostorm_is Look at how optimistic all are about the integrity of their CA root. 20 years? Offline or not!

    @howtogeek @SwiftOnSecurity @cryptostorm_is Of course there are HW controls needed to update the roots - validated by GEMALTO chips!

    @howtogeek @SwiftOnSecurity @cryptostorm_is And the winner of the 2015 award for "Turtles, All The Way Down" is...

    People.. time to downsize your browser list of trusted CA. And hunt for CAs that will be accepted that is not in that list, ie backdoors.

    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4