SSL Cert Weaknesses Exposed By Comodo Breach 194
snydeq writes "InfoWorld's Woody Leonhard delves deeper into the Comodo SSL scandal and finds the breach calls into question the integrity of the SSL certification process itself. 'While the press has focused on the sensational fact that Comodo's site was hacked from an Iranian IP address, we really should be asking three questions: How did somebody working with an Iranian IP address get a username and password from Comodo with enough clearance to create SSL certificates? Why did Comodo issue SSL certificates for google.com, live.com, yahoo.com, mozilla.org, and skype.com? Why are browser updates used to revoke SSL certificates?'"
There really is no proof the hackers are from Iran (Score:2, Interesting)
All we have is Comodo claiming they were from Iran, and an IP address. But why should we trust them? If you ask me, Iran fits in a bit too well as the bad guys.
Re:Even more important (Score:4, Interesting)
How? I have an account, and I've clicked on the load all comments button in preferences, but I still only get 250 comments by default. Other complaints: