Late last month "security firm Fox-IT was called in to analyse the sequence of events at DigiNotar". The company issued a technical statement on 5 September (http://www.diginotar.nl/Portals/7/Pe...ip%20v1.0a.pdf)
and the matter hit the headlines on 6 September:
"Iranians hit in email hack attack" BBC News - Iranians hit in email hack attack The following message left on pastebin (Striking Back... - Pastebin.com)
Essentialy alot of fake certificates were granted that would alow a person or persons to track Iranian net traffick, twitter and such like. DigiNotar normaly issues these cerificates and was hacked.
It then emerged that this was not first attempt; "On 19 July, Dutch CA DigiNotar detected an unauthorised intrusion into its systems." (BBC News - Fake DigiNotar web certificate risk to Iranians)
This time the message left on one of the certicates was:
"Of particular note is this certificate:
CN=*.RamzShekaneBozorg.com,SN=PK000229200006593,OU =Sare Toro Ham Mishkanam,L=Tehran,O=Hameye Ramzaro Mishkanam,C=IR"
The analyst interprets this as:
"Thanks to an anonymous Farsi speaker, I now understand that the above certificate is actually a comment to anyone who bothers to read between the lines:
"RamzShekaneBozorg" is "great cracker"
"Hameyeh Ramzaro Mishkanam" translates to "I will crack all encryption"
"Sare Toro Ham Mishkanam" translates to "i hate/break your head""
Another pastebin message among other stuff says "a) I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain."
So today, due to information in first message ("I still have access: GlobalSign") GlobalSign has stopped issuing cerificates; BBC News - GlobalSign stops secure certificates after hack claim
It is reported that he also says: "Dutch government is paying what they did 16 years ago about Srebrenica, you don't have any more e-Government huh?"
To summarise then: We have a farsi speaker, who claims to be a 'single person' elsewhere claims to be 21 etc (ie. 4 at the time of Srebrenica), speaks fluent English, can hack to a level barely below national security standards and whose sole accomplishment for this work was to comprimise the privacy of Iranian peoples web traffic... presumably the water fights are a serious threat!
and the matter hit the headlines on 6 September:
"Iranians hit in email hack attack" BBC News - Iranians hit in email hack attack The following message left on pastebin (Striking Back... - Pastebin.com)
Essentialy alot of fake certificates were granted that would alow a person or persons to track Iranian net traffick, twitter and such like. DigiNotar normaly issues these cerificates and was hacked.
It then emerged that this was not first attempt; "On 19 July, Dutch CA DigiNotar detected an unauthorised intrusion into its systems." (BBC News - Fake DigiNotar web certificate risk to Iranians)
This time the message left on one of the certicates was:
"Of particular note is this certificate:
CN=*.RamzShekaneBozorg.com,SN=PK000229200006593,OU =Sare Toro Ham Mishkanam,L=Tehran,O=Hameye Ramzaro Mishkanam,C=IR"
The analyst interprets this as:
"Thanks to an anonymous Farsi speaker, I now understand that the above certificate is actually a comment to anyone who bothers to read between the lines:
"RamzShekaneBozorg" is "great cracker"
"Hameyeh Ramzaro Mishkanam" translates to "I will crack all encryption"
"Sare Toro Ham Mishkanam" translates to "i hate/break your head""
Another pastebin message among other stuff says "a) I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain."
So today, due to information in first message ("I still have access: GlobalSign") GlobalSign has stopped issuing cerificates; BBC News - GlobalSign stops secure certificates after hack claim
It is reported that he also says: "Dutch government is paying what they did 16 years ago about Srebrenica, you don't have any more e-Government huh?"
To summarise then: We have a farsi speaker, who claims to be a 'single person' elsewhere claims to be 21 etc (ie. 4 at the time of Srebrenica), speaks fluent English, can hack to a level barely below national security standards and whose sole accomplishment for this work was to comprimise the privacy of Iranian peoples web traffic... presumably the water fights are a serious threat!
Comment