• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
[Fed-Talk] Now VeriSign
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fed-Talk] Now VeriSign

  • Subject: [Fed-Talk] Now VeriSign
  • From: Todd Heberlein <email@hidden>
  • Date: Thu, 02 Feb 2012 11:04:57 -0800

Key Internet operator VeriSign hit by hackers
http://www.reuters.com/article/2012/02/02/us-hacking-verisign-idUSTRE8110Z820120202

VeriSign said its executives "do not believe these attacks breached the servers that support our Domain Name System network," which ensures people land at the right numeric Internet Protocol address when they type in a name such as Google.com, but it did not rule anything out.

Oops. DigiNotar redux?

"Oh my God," said Stewart Baker, former assistant secretary of the Department of Homeland Security and before that the top lawyer at the National Security Agency. "That could allow people to imitate almost any company on the Net."

Whenever a former top lawyer for the NSA says "Oh my God", you gotta quote it. :)

Ken Silva, who was VeriSign's chief technology officer for three years until November 2010, said he had not learned of the intrusion until contacted by Reuters. Given the time elapsed since the attack and the vague language in the SEC filing, he said VeriSign "probably can't draw an accurate assessment" of the damage.

Wait, Verisign, a company that sells critical security services for the Internet, was "hacked repeatedly by outsiders " in 2010, and the CTO at the time didn't know about it?

VeriSign sold its certificate business in the summer of 2010 to Symantec Corp, which has kept the VeriSign brand name on those products.

Symantec spokeswoman Nicole Kenyon said "there is no indication that the 2010 corporate network security breach mentioned by VeriSign Inc was related to the acquired SSL product production systems."

And Symantec was hacked in 2006, critical intellectual property stolen, and they couldn't confirm it until Anonymous convinced them last week that they really did have the source code. Not feeling warm and fuzzy.

Todd

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Prev by Date: Re: [Fed-Talk] Snow Leopard NTP issue
  • Next by Date: Re: [Fed-Talk] I fell for the 10.7.3 Update
  • Previous by thread: Re: [Fed-Talk] I fell for the 10.7.3 Update
  • Next by thread: [Fed-Talk] CAC Issues -> 10.7.3
  • Index(es):
    • Date
    • Thread