To Countermail: BEING MITM ATTACKED WITH FAKE CERTIFICATES

Discussion in 'privacy technology' started by ComputerSaysNo, Oct 30, 2012.

Thread Status:
Not open for further replies.
  1. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    Countermail your users are being attacked with fake Certificates :-*
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Source, further info etc. ?
     
  3. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    Coming up, friend is sending pictures
     
  4. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    Last edited: Oct 30, 2012
  5. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Those pictures really do not prove anything. I went and tested the certificate on file from what was on file several weeks ago no change, and its trusted. I took it a step further and tested it both from U.S, South America and Europe locations, again no issues. Its a Rapid SSL certificate with the root CA GeoTrust. Both login and general site surfing show no discrepencies.

    There are several reasons your friend may have recieved the error, they may not have the root CA in their trusted path, they themselves could be on a compromised network etc.
     
  6. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Personally, if I thought there was a problem, I'd contact CM (They're even a member here), provide them with the info, and see what they say. If you hear nothing after a week or two, then post it. Just my opinion.

    EncryptedBytes, school me up: Even if someone *was* in the middle, doesn't CM encrypt/decrypt happen locally? Wouldn't they just get random data?

    PD
     
  7. Countermail

    Countermail Registered Member

    Joined:
    Aug 7, 2009
    Posts:
    167
    Location:
    Sweden
    First I must say it's better if you send us an email, because we don't check Wilders every day.

    We always have all hashsums and certificate fingerprints on this page:
    https://countermail.com/?p=changelog&t=1

    ---
    Some checks you can do:

    -Check the website SSL fingerprint in SHA1, in your web browser, under certificate details. SHA1 fingerprint
    Code:
    22:1A:9B:33:00:D7:DC:7B:AF:1E:16:71:C2:15:A9:F0:4A:1C:8D:F0
    -Download and save the applet JAR-file: https://countermail.com/CounterMailEngine145.txt and check the SHA hashsum on the file.
    SHA1: 3c2b31c9acbbbfd243471ab7f3b015f93040dc4e
    There are many ways to check hashsums on files, on Mac and Windows you can use: http://www.implbits.com/hashtab.aspx

    -Check the details on the code signing cert, SHA1 fingerprint:
    Code:
    47:F0:48:26:C9:86:62:B3:6B:4C:B1:A2:C9:E5:17:01:B9:E3:7E:D3
    If you already accepted the code signing cert, you can find it inside your Java control panel/preferences
    ---

    Below are some common problems that may create certificate problems:
    -The date on your local computer is wrong
    -You have activated "online certificate validation" in your Java settings, and the OCSP-server is temporarily down
    -Bug in Java7: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7197652
    -You have activated OCSP in your web browser settings, and the OCSP is temporarily down
     
  8. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A

    If you are talking about their actual email service that may be a question for CM, I personally do not have an active account with them nor have I looked at their service in depth. ;)

    I am probably one of the few Wilders members that actively uses Gmail :D
     
Loading...
Thread Status:
Not open for further replies.