Apple Criticized For Not Blocking Stolen Certs

Apple Criticized For Not Blocking Stolen Certs 154

Posted by samzenpus on Friday September 09, 2011 @02:39AM from the I-am-disappoint dept.

CWmike writes "A security researcher is criticizing Apple for lagging with its response to the DigiNotar certificate fiasco. He is urging the company to quickly update Mac OS X to protect users. 'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on Tuesday to block all SSL certificates issued by DigiNotar, Apple has not updated Mac OS X to do the same. Meanwhile, even Mac OS X users who want to go DIY are stymied, reports Bob McMillan, because the OS can't properly revoke dodgy digital certificates."

Apple Criticized For Not Blocking Stolen Certs

This discussion has been archived. No new comments can be posted.

Search 154 Comments Log In/Create an Account

Comments Filter:

Re:Double standards? (Score:4, Insightful)

by sjames ( 1099 ) writes: on Friday September 09, 2011 @03:17AM (#37348950) Homepage Journal

Because Comodo proactively detected the problem, put a stop to it, and had an appropriate audit log showing how large the problem was and what certs were wrongly issued.
Evin DigiNotar acknowledges that removal of their root key is the only way to contain their leak.
OTOH, I chose to disable Comodo's keys in my browser.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Apple Criticized For Not Blocking Stolen Certs 154

Apple Criticized For Not Blocking Stolen Certs More Login

Apple Criticized For Not Blocking Stolen Certs

Re:Double standards? (Score:4, Insightful)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot