|
|
|
|
|
|
by HackinOut
4136 days ago
|
|
|
Komodia, the company behind the tech contracted by the maker of SuperFish, actually (tries) to makes sure invalid and self-signed certificate do generates a warning in the browser. And then they password protect the private key with... the name of their company?!? http://www.komodia.com/wiki/index.php?title=SSL_Digestor#Cer... "Also the module tries to verify that the certificate is indeed signed by an approved signer, it will use the CA store of the browser used to verify that (for Internet Explorer the Windows store will be used, and for Firefox the NSS store will be used), if the certificate isn't legit, the created certificate will be created in a way it would raise an alert to protect the user." A huge ugly hack... |
|
|