[nickf]

Aside from what mjg59 said, it's clear you don't quite understand how CT works. Logs are stood up and then go through a fairly rigorous acceptance process by Google (and Apple) before finally being used. 'Used' in that a CA can then submit pre-certs to it and include the resulting SCTs in signed certificates, making them functional on Chrome/Apple platforms. Even the CA using the log generally takes some communication with the log operator to ensure the right set of roots are trusted for submitted pre-certs.

CT logs are used by CAs, not clients. A 'fake' log isn't a thing.

[michaelt]

If you are able to compromise a CA and generate a bogus certificate, why couldn't you also compromise a certificate transparency log provider and generate a bogus signed merkle hash?

(Not that I'm a DNSSEC user myself, my feet aren't bulletproof)

[nickf]

Not sure what you really mean here - CAs are required to get SCTs from multiple, independently-operated logs. Even then, I think what you're implying here is mathematically impossible, and easily and immediately detectable. Bear in mind on at least 2 occasions these logs have detected and been decommissioned based on cosmic-ray induced bit-flips, not discovered by the actual log operators. CT is a pretty robust system.

[matthew9219]

Fwiw (tangent), I don't necessarily believe either of those instances were cosmic-ray induced bit-flips. I'd have to dig up the study, but I read a study once that more or less concluded "cosmic-rays are more common in memory unsafe languages and on overclocked PCs". Or more accurately, engineers frequently misattribute memory corrupt and operating outside specification to cosmic rays.

Particularly when the software in question is running on somebody else computer, proprietary software and OS (or OS modules), unknown patch versions, etc.