-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Content-ID:
Le 26/10/2011 03:36, Rajko M. a écrit :
Recently one certification authority (company) was removed from all browsers that are still maintained. Reason for that is that they were tricked to issue few fake certificates. KDE3 list is not updated so users are vulnerable.
but do you know of computer compromised by this? When I mean practical, I mean real problem, not virtual ones. For example what the fake certificates where used for?
No, that's a real danger. They faked certificates from several important companies - I don't remember the details, but you can google it, or in /. I don't remember right now the name of the company, my bad. An European government had to put out of service his entire Internet eGov structure for a while, IIRC. The danger is for any non-upated browser on any OS. I don't know if our KDE3 was updated for this one. - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk6pJ5gACgkQtTMYHG2NR9W3XwCfQMA0zv3/ySivCut7OBcE2fnT 2ysAn3s3RRNBQ9diIwQF/PCH4d1ito/m =UAmN -----END PGP SIGNATURE-----