Comodo hacker outs himself, claims "no relation to Iranian Cyber Army"

[Dieselman]

The alleged hacker of Comodo stepped forward this weekend to explain how he generated bogus SSL certificates for login.skype.com, mail.google.com, login.live.com and other popular internet websites.

http://nakedsecurity.sophos.com/2011/03/27/comodo-hacker-outs-himself-claims-no-relation-to-iranian-cyber-army/#idc-container

 

[bogdan]

Comodo complains about the current system being insecure and they propose new standards, but it seems that the major problem with the system is the way current standards are being ignored, and certificates released without prior verification of the applicant. Those registration authorities only care about obtaining profit.

 

[Guest28]

Yea from what i understand the TVL is getting over loaded with malware applications and tool bars..

 

[bogdan]

Comodo is also a Certification Authority and this is mainly about Public Key Infrastructure and digital certificates. This doesn't only affect software you run, but can potentially affect websites you visit, digitally signed e-mails etc.