Fraudulent *.google.com Certificate

Update (Sept. 6, 2011 @10:37 a.m. PT):

New security updates for Firefox are now available.

Update (8.30.11 @ 11:25 p.m. PT):

Mozilla just released an update to Firefox for Desktop, Thunderbird and SeaMonkey. Updates are now available for:
• Firefox for Windows, Mac and Linux (final release)
• Firefox for Windows, Mac and Linux (3.6.21 final release)
• Firefox Aurora for Windows, Mac and Linux
• Firefox Nightly for Windows, Mac and Linux
• SeaMonkey (2.3.2)
• Thunderbird (6.0.1)

We strongly recommend that all users upgrade to these releases.

If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. Users can also manually check for updates if they do not want to wait for the automatic update.

New versions of Firefox for Mobile (final release and Beta), Firefox Beta for Desktop and Thunderbird will be released shortly.

Issue

Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc. This is not a Firefox-specific issue, and the certificate has now been revoked by its issuer, DigiNotar. This should protect most users.

Impact to users

Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild.

Status

Because the extent of the mis-issuance is not clear, we are shortly releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13 and 6.0.1) and SeaMonkey (2.3.2) that will revoke trust in the DigiNotar root and protect users from this attack. We encourage all users to keep their software up to date by regularly applying security updates. Users can also manually disable the DigiNotar root through the Firefox preferences.

Credit

This issue was reported to us by Google, Inc.

Johnathan Nightingale
Director of Firefox Development

65 responses

  1. Mark wrote on :

    Diginotar/Vasco published an official statement:
    http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx

  2. Peter Breur wrote on :

    I am becoming very afraid if it is this easy to kill a company that has served the Dutch community for a very long time. More so, a lot of bona fide Dutch companies and government agencies use server certificates from DigiNotar. So your action will affect a whole nation.

    Also, if I remember correctly, no such harsh measures were taken against Comodo, who(se subsidiaries) experienced similar security breaches several times in the not so distant past. One wonders if this is a trust or a fear issue (DigiNotar is probably not large enough to start lawsuits against the browser builders).

    I.m.o. browser builders are stepping out of line if they are acting as if they are the root CA’s for the planet Earth. They could play an important role in educating their users, instead of nurturing them.

    Peter Breur (Dutch citizen)

  3. Jeroen van Gelderen wrote on :

    @Peter Breur

    Two wrongs don’t make a right. Comodo should have been killed and so should Diginotar. The fact that Mozilla didn’t do the right thing w.r.t. Comodo doesn’t mean they should make the same mistake with Diginotar.

    The facts as admitted by VASCO/Diginotar in today’s press release are even more damning:

    According to today’s VASCO press release DigiNotar discovered a compromise of MULTIPLE certificates on *July* 19th 2011. They did NOT issue a press release then and attempted to quietly revoke the certificates leaving unwitting users exposed.

    It would seem that Diginotar/VASCO got caught 5 weeks later only because they failed to revoke the fraudulent *.google.com certificate at that time despite what is presumably two audits (internal and external).

    —-8<—-8<—-8<—-8<—-8<—-

    OAKBROOK TERRACE, Illinois and ZURICH, Switzerland – August 30, 2011 – VASCO Data Security International, Inc. (Nasdaq: VDSI; http://www.vasco.com) today comments on DigiNotar’s reported security incident. DigiNotar is a wholly owned subsidiary of VASCO.
    On July 19th 2011, DigiNotar detected an intrusion into its Certificate Authority (CA) infrastructure, which resulted in the fraudulent issuance of public key certificate requests for a number of domains, including Google.com.
    Once it detected the intrusion, DigiNotar has acted in accordance with all relevant rules and procedures.
    At that time, an external security audit concluded that all fraudulently issued certificates were revoked. Recently, it was discovered that at least one fraudulent certificate had not been revoked at the time. After being notified by Dutch government organization Govcert, DigiNotar took immediate action and revoked the fraudulent certificate.

    The attack was targeted solely at DigiNotar's Certificate Authority infrastructure for issuing SSL and EVSSL certificates. No other certificate types were issued or compromised. DigiNotar stresses the fact that the vast majority of its business, including its Dutch government business (PKIOverheid), was completely unaffected by the attack.

    […]

  4. Frox wrote on :

    see: http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx

    The very important fact not being explained here is that (IIUC) they found the intrusion on July 19th and revoked several fraudulent certificates. BUT they failed to revoke one of them (the *.google.com one, again IIUC).

    What I mean is that they found an intrusion that created fraudulent certificates (BAD) and their subsequent audit failed to spot the Google one (VERY BAD). Don’t they know if they are issuing certs for Google or not?

  5. Sahand wrote on :

    Thank you guys for taking care of us 🙂

    You would probably be happy with killing DigiNotar for good if you were in my shoes. It will teach other CAs to take security measures seriously.

    For you guys, a fake certificate means a stolen password or personal information. For me and thousands of other Iranians, it leads to jail, torture or even a death sentence.

    Is the reputation and income of a faulty IT company which cannot protect its own assets, worth more than the lives and goodness of a nation?

  6. christian baier wrote on :

    I am glad DigiNotar is being deleted. I just think the same should have happened with Comodo…

  7. Pedram wrote on :

    hmmmmmmm
    Why, when I delete or distrust the DigiNotar root and click OK, then go back to Tools, Options and …, is it in there again? :O
    No matter how many times I delete or distrust it, it’s still there 🙁

    I was using Google yesterday too when suddenly it stopped working and gave that alert about a revoked certificate.

  8. Alastair Mayer wrote on :

    It’s not Mozilla’s (or Google’s, or Debian’s) action that’s killing (if it does) DigiNotar. DigiNotar effectively committed corporate suicide by issuing a fraudulent cert in the first place.

    Similar measures probably should have been taken against Comodo; DigiNotar is in the unfortunate position of having triggered a response to the situation that Comodo sensitized the community to (to use an analogy from allergic responses). However, without such a response this time, the CAs would likely take validation even less seriously. Actions have consequences; people and corporations would do well to remember this.

  9. Ed wrote on :

    @Peter Breur:

    A significant difference (and not the only one) in the Comodo case, is the fact that it did not take 40 days for the fraudulent certificate to be spotted – which is quite frankly appalling on DigiNotar’s part!

  10. Brian Miller wrote on :

    @Peter Breur

    The difference between the two incidents is that Comodo discovered the invalidly issued certificates with internal auditing and then took steps to correct the problem. Diginotar didn’t find their own invalidly issued certificates and only revoked them once they were brought to their attention by a third party. See here: http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html

  11. PhoenixMylo wrote on :

    It should be noted that Comodo also caught the breach within hours, immediately revoked all the affected certificates, notified both the browser vendors and the affected parties immediately and of their own accord. They screwed up, but they didn’t try to hide the fact as Diginotar did. It’s too bad that Diginotar did not follow their example, or the example of Startcom recently in suspending all certificate services and thoroughly going through systems to make sure that all fraudulent certificates were caught and systems were secure before resuming business.

  12. Christoph Anton Mitterer wrote on :

    I really wonder why you remove DigiCert (Europe based) now while you didn’t remove Comodo (US based)…

    Also, why do you still refuse to implement RFC 5081? In contrast to the forcibly strict hierarchical model (which OpenPGP would support, too, btw), OpenPGP is the only real solution for security.
    A strict hierarchical model will always fail with things like this one, sooner or later.

  13. Marceau GUIHARD wrote on :

    When I delete the DigiNotar CA, it is recreated immediately.

    FF 6, Windows 7 64-bit.

  14. Lode V wrote on :

    @Peter Breur

    Jeroen van Gelderen is right imo

    IMO not only the DIGINOTAR Root CA should be revoked, but all other certificates signed by DigiNotar should be blocked too.
    The breach of trust does not stop at the Root CA alone.

    DIGINOTAR/VASCO is now playing the victim.
    DigiNotar is the certificate authority for the government of the Netherlands’ public key infrastructure (PKIoverheid) and the identity management platform DigiD.

    The fact that DIGINOTAR/VASCO discovered a compromise of MULTIPLE certificates on *July* 19th 2011, and that they did NOT issue a press release then and attempted to quietly revoke the certificates, leaving unwitting users exposed, means to me as a Dutch citizen that I no longer trust the certificates for the government of the Netherlands’ public key infrastructure (PKIoverheid) and the identity management platform DigiD.

    These certificates signed by DigiNotar should be blocked too.

  15. Lode V wrote on :

    Below is the DigiNotar root structure as listed on their website (in Dutch):
    from
    http://www.diginotar.nl/Klantenservice/Rootcertificaten/tabid/308/Default.aspx

    Overview of root certificates
    – – – – –
    Overview of current root certificates

    Below is an overview of the DigiNotar root structure. The root certificates can be downloaded via the tabs.

    DigiNotar Root CA
    DigiNotar Public CA
    DigiNotar Qualified CA
    DigiNotar Services CA
    DigiNotar Private CA´s
    DigiNotar SSL Root
    DigiNotar Root CA
    DigiNotar Services CA
    DigiNotar EVSSL
    DigiNotar Root CA
    DigiNotar Extended Validation CA
    PKIOverheid Root G2
    Staat der Nederlanden Root CA – G2
    Staat der Nederlanden Organisatie CA – G2
    DigiNotar PKIoverheid CA Organisatie – G2
    DigiNotar Root CA G2
    – – – – – –

    Reading
    https://bugzilla.mozilla.org/show_bug.cgi?id=682956#c16
    and
    https://bugzilla.mozilla.org/show_bug.cgi?id=682956#c17
    I understand Mozilla does not distrust all root certificates handled by DigiNotar.

    For some reason Mozilla will only distrust root certificates which contain
    the text: DigiNotar Root CA
    Mozilla appears to trust the root certificates handled by DigiNotar for the Dutch Government: PKIOverheid / Staat der Nederlanden

    Why does Mozilla think that root certificates handled by DigiNotar for the Dutch Government are more to be trusted than other root certificates handled by DigiNotar?

    ALL root certificates ARE EQUAL
    BUT SOME root certificates ARE MORE EQUAL THAN OTHERS.

  16. Pirolet wrote on :

    And in French?
    No option for that on this page, which I reached via the “Le Monde.fr” site.

  17. bardia67m wrote on :

    @Marceau GUIHARD @mohammad from Iran @bahareh
    There is no concern. If you distrust or delete the certificate it will be marked as untrusted even if it shows up again. You can make sure by clicking “Edit Trust” and seeing that all 3 trust scopes are unchecked. In this case that CA cannot be used anymore!

  18. Kasperl wrote on :

    As Lode V asked, why is Mozilla still trusting the Dutch government certificate? Is this because audits have proven that the certificate is handled differently? Or is it because it would cause too much trouble for Dutch citizens to get SSL warnings on the digital identity service provided by the State? If it’s the latter, it seems rather dangerous, since that SSL cert is used to encrypt a lot of sensitive user data, including passport numbers, account details, and benefit statements.

    1. Daniel Veditz wrote on :

      The Dutch government, the owner of the Staat der Nederlanden roots, asked that we not revoke their certs. We currently have no evidence of a problem with those certificates and assurances from the Dutch government and GovCERT that issuance through those intermediates is under their control and has not been compromised. Like you I have my doubts, but they are bringing in an outside company to perform a technical audit so we will wait and see what the results are.
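As an added example (not Mozilla's, DigiNotar's or the Dutch government's code), the policy discussed in comments 15, 17 and 18 in runnable form: a chain is rejected if any certificate's subject CN contains "DigiNotar Root CA", a root whose trust bits are all cleared stays listed but anchors nothing, and a DigiNotar-run intermediate under the Staat der Nederlanden root still validates. The certificate dicts, the trust store and the hostname digid.example are constructed sample data; signatures, validity periods and revocation are not checked.

```python
# Added example, not Mozilla's code: a name-based chain policy modelled on the rule
# in comment 15 (distrust any CA whose CN contains "DigiNotar Root CA") and the
# Staat der Nederlanden exception Daniel Veditz describes. Certs use the dict shape
# of ssl.SSLSocket.getpeercert(); chains are leaf first; all sample data is constructed.
DISTRUSTED_CA_CN_TEXT = "DigiNotar Root CA"

# Constructed trust store: root CN -> trust bits. Unchecking all three boxes in the
# Firefox "Edit Trust" dialog (comment 17) = empty set: root stays listed, anchors nothing.
TRUST_STORE = {
    "DigiNotar Root CA": frozenset(),
    "Staat der Nederlanden Root CA - G2": frozenset({"server", "email", "code"}),
}

def rdn_value(dn, attr):
    """First value of `attr` in a getpeercert()-style distinguished name."""
    for rdn in dn:
        for key, value in rdn:
            if key == attr:
                return value
    return None

def check_chain(chain, usage="server"):
    """Return (trusted, reason); checks names only, not signatures, dates or revocation."""
    if not chain:
        return False, "empty chain"
    for cert in chain:  # 1. explicit distrust anywhere in the chain wins
        cn = rdn_value(cert["subject"], "commonName") or ""
        if DISTRUSTED_CA_CN_TEXT in cn:
            return False, f"chain contains distrusted CA '{cn}'"
    root_cn = rdn_value(chain[-1]["subject"], "commonName")
    if usage not in TRUST_STORE.get(root_cn, frozenset()):  # 2. anchor's trust bit
        return False, f"root '{root_cn}' not trusted for {usage}"
    for child, parent in zip(chain, chain[1:]):  # 3. issuer must name the next subject
        if child["issuer"] != parent["subject"]:
            return False, "issuer/subject mismatch in chain"
    return True, f"anchored at trusted root '{root_cn}'"

def chain(*names):
    """Leaf-to-root (O, CN) pairs -> list of cert dicts; the last one is self-issued."""
    dn = lambda o, cn: ((("organizationName", o),), (("commonName", cn),))
    return [{"subject": dn(*s), "issuer": dn(*(names[i + 1] if i + 1 < len(names) else s))}
            for i, s in enumerate(names)]

DN = "DigiNotar"
NL = "Staat der Nederlanden"
FRAUDULENT_GOOGLE_CHAIN = chain(("Google Inc", "*.google.com"),  # constructed
                                (DN, "DigiNotar Public CA"), (DN, "DigiNotar Root CA"))
PKIOVERHEID_CHAIN = chain(("Constructed Org", "digid.example"),  # constructed
                          (DN, "DigiNotar PKIoverheid CA Organisatie - G2"),
                          (NL, "Staat der Nederlanden Organisatie CA - G2"),
                          (NL, "Staat der Nederlanden Root CA - G2"))
```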

  19. Mark wrote on :

    If you are an Opera user, you automatically get protected, no update needed. Opera deals with revocation and blocked revocation, and has an online blacklist of Root CAs.

    http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2

  20. Ferry wrote on :

    Please don’t fall for our government (NL) and still accept the DigiD. Getting a new cert doesn’t cost that much (especially for a government) and only takes some time and a bit of labour. Kill the DigiD cert as well. Maybe it will wake up our government that still claims (retarded as they are) they completely trust Diginotar.

    Our government shows time and time again they don’t understand *shit* about IT whatsoever.