s******e
发帖数: 330 | 1 这算是绑架用户吗?
Google Bans China’s Website Certificate Authority After Security Breach |
a****a
发帖数: 3905 | |
p*******m
发帖数: 20761 | |
a9
发帖数: 21638 | 4 终于把这个烂货的证书吊销了,活该
最好把CFCA也禁掉,最近这几个厂商疯狂往浏览器里塞顶级CA,删都删不过来
【在 s******e 的大作中提到】
: 这算是绑架用户吗?
: Google Bans China’s Website Certificate Authority After Security Breach
|
k****e
发帖数: 2758 | 5 我早把cnnic 去掉了
【在 s******e 的大作中提到】
: 这算是绑架用户吗?
: Google Bans China’s Website Certificate Authority After Security Breach
|
j******g
发帖数: 2689 | |
l********n
发帖数: 833 | 7 狗狗终于干了回好事了。
[发表自未名空间手机版 - m.mitbbs.com] |
x**l
发帖数: 64 | 8 自从google干掉google reader后,这是唯一让我觉得他做的正确的事情,希望其他厂
家能跟进。 |
l*****h
发帖数: 709 | 9 支持google!!!
这件事儿明显是CNNIC或者中国政府的问题,秃子头上的虱子,什么样的五毛还会为这
个洗地?? |
j*****0
发帖数: 208 | 10 CNNIC made mistake (and break informal rule) by allowing third party Egypt
company to create immediate certificate. So Chrome will create a warning
when certificate issued by CNNIC show up.
I don't know enough to tell whether it is right or wrong decision. That's
what it is.
I hate people has this attitude "中国人有权就想换钱,作假无底线" or blame "
中国政府的问题"? Why CNNIC's poor decision has anything to do with Chinese
race or Chinese government? Why don't talk we about issue as it is. Why
do you have to expand to Chinese race or Chinese government?
When Enron or NSA break the rule, I don't hear people called "American who
in power are corrupted, or why Americans has no limited in cheating".
Maybe I live in US for too long. I am only responsible for my own
action, not others. What other Chinese did has no bearing on me. |
|
|
g******e
发帖数: 3760 | 11 就事论事没错,但国产软件有问题的是比较多。
"
Chinese
Why
【在 j*****0 的大作中提到】
: CNNIC made mistake (and break informal rule) by allowing third party Egypt
: company to create immediate certificate. So Chrome will create a warning
: when certificate issued by CNNIC show up.
: I don't know enough to tell whether it is right or wrong decision. That's
: what it is.
: I hate people has this attitude "中国人有权就想换钱,作假无底线" or blame "
: 中国政府的问题"? Why CNNIC's poor decision has anything to do with Chinese
: race or Chinese government? Why don't talk we about issue as it is. Why
: do you have to expand to Chinese race or Chinese government?
: When Enron or NSA break the rule, I don't hear people called "American who
|
g*****g
发帖数: 34805 | 12 让我猜猜发生了啥,CNNIC 想做 man in the middle attack, 给狗服务加上 proxy,
偷窥狗狗的邮件啥的,
还在测试就被识破了。CNNIC是顶级 CA,谁也 revoke不了,狗狗干脆在浏览器了下手。 |
j*****0
发帖数: 208 | 13 让我猜猜发生了啥,CNNIC 想做 man in the middle attack, 给狗服务加上 proxy,
偷窥狗狗的邮件啥的,
还在测试就被识破了。CNNIC是顶级 CA,谁也 revoke不了,狗狗干脆在浏览器了下手。
You do not need to guess. Just read CNET and other internet report to see
exactly what happen.
CNNIC broke rule by allowing an unknown third party Egypt company create
immediate certificate. It is Egypt company who created bogus certificate.
CNNIC wasn't directly involved with bogus certificate.
Of course, it is big error by CNNIC.
But Google is not exactly big protector of privacy since its whole business
model is to track people and it is well known Google is very friendly term
with NSA. |
g******e
发帖数: 3760 | 14 你的意思是说CNNIC做了回活雷锋?或者傻到这样?
手。
business
【在 j*****0 的大作中提到】
: 让我猜猜发生了啥,CNNIC 想做 man in the middle attack, 给狗服务加上 proxy,
: 偷窥狗狗的邮件啥的,
: 还在测试就被识破了。CNNIC是顶级 CA,谁也 revoke不了,狗狗干脆在浏览器了下手。
: You do not need to guess. Just read CNET and other internet report to see
: exactly what happen.
: CNNIC broke rule by allowing an unknown third party Egypt company create
: immediate certificate. It is Egypt company who created bogus certificate.
: CNNIC wasn't directly involved with bogus certificate.
: Of course, it is big error by CNNIC.
: But Google is not exactly big protector of privacy since its whole business
|
e*i
发帖数: 10288 | 15 ......埃及临时工
【在 g******e 的大作中提到】
: 你的意思是说CNNIC做了回活雷锋?或者傻到这样?
:
: 手。
:
: business
|
j*****0
发帖数: 208 | 16 你的意思是说CNNIC做了回活雷锋?或者傻到这样?
I just stated what CNET and what other US internet security report said. It
is not my opinion. Just state the fact reported by those US internet
reports.
So far no report so far claim CNNIC used Egypt company to attack US.
If you believe conspiracy, how about cite source that support your point of
view? So far, you didn't provide anything substantially in this
conversation. |
j*****0
发帖数: 208 | 17 "The unauthorized certificates were issued by Egypt-based MCS Holdings, an
intermediate certificate authority that operated under the authority of
CNNIC. MCS used the certificates in a man-in-the-middle proxy, a device that
intercepts secure connections by masquerading as the intended destination.
Such devices are sometimes used by companies to monitor employees' encrypted
traffic for legal or human resources reasons. It's one of the first times a
certificate authority has faced such a banishment since the downfall of
Netherlands-based DigiNotar in 2011. Other CAs, including US-based Trustwave
, have also done what CNNIC did without getting the boot. While worldwide
Chrome is the No. 2 most used browser, it had a commanding, 52-percent share
in China last year, compared to 23 percent for IE."
Guess what, CNNIC is not only duped here. US based Trustwave and DigiNotar
also were 活雷锋. |
f*********e
发帖数: 8453 | |
f*******5
发帖数: 10321 | 19 Diginotar是被黑了。trusrwave是交流的好才没被踢出去
that
.
encrypted
a
Trustwave
share
【在 j*****0 的大作中提到】
: "The unauthorized certificates were issued by Egypt-based MCS Holdings, an
: intermediate certificate authority that operated under the authority of
: CNNIC. MCS used the certificates in a man-in-the-middle proxy, a device that
: intercepts secure connections by masquerading as the intended destination.
: Such devices are sometimes used by companies to monitor employees' encrypted
: traffic for legal or human resources reasons. It's one of the first times a
: certificate authority has faced such a banishment since the downfall of
: Netherlands-based DigiNotar in 2011. Other CAs, including US-based Trustwave
: , have also done what CNNIC did without getting the boot. While worldwide
: Chrome is the No. 2 most used browser, it had a commanding, 52-percent share
|
g*****g
发帖数: 34805 | 20 这个事情肯定是软软干得,兵不血刃把狗和狐狸一起赶出中国的节奏呀。 |
p********e
发帖数: 6030 | 21 赞,不整不足以平民愤啊。
【在 s******e 的大作中提到】
: 这算是绑架用户吗?
: Google Bans China’s Website Certificate Authority After Security Breach
|
