Just about the entire internet uses certificate authorities to establish trust. Here, a simple old-school social engineering trick broke this trust and allowed hackers to get signed certificates from DigiCert for their malware.
There is a better way to establish certificate trust that doesn't rely on a third party, and it's free too. It's called DANE (DNS-based Authentication of Named Entities), which binds the trust directly to the Domain Name System by using DNSSEC. DANE is ideal for code signing certificates (and other uses), but it is overlooked.
This attack is virtually impossible under DANE. A vulnerable support person is of no use. Hackers would need to directly compromise the target's DNS infrastructure, the registrar, and the top-level domain authority. All three. Nearly impossible compared to just finding some dupe at the CA in a public chat room.
https://hackread.com/hackers-digicert-issue-certificates-sign-malware/
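As an added example (not code from the post or the linked article), here is the core of the DANE check in Python: a TLSA record (RFC 6698) carries a usage, selector, matching type and the hash of the legitimate certificate or key, and a presented certificate is accepted only if a DNSSEC-validated record matches it. The certificate and SubjectPublicKeyInfo bytes below are constructed placeholders, and DNSSEC validation of the lookup is assumed to have been done by the resolver.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class TLSA:
    usage: int          # 3 = DANE-EE: pin the end-entity key, no CA involved
    selector: int       # 0 = full certificate DER, 1 = SubjectPublicKeyInfo DER
    matching_type: int  # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes         # certificate association data


def association_data(selector: int, matching_type: int,
                     cert_der: bytes, spki_der: bytes) -> bytes:
    """Derive the association data for one certificate per RFC 6698 section 2.1."""
    if selector == 0:
        chosen = cert_der
    elif selector == 1:
        chosen = spki_der
    else:
        raise ValueError(f"unknown selector {selector}")
    if matching_type == 0:
        return chosen
    if matching_type == 1:
        return hashlib.sha256(chosen).digest()
    if matching_type == 2:
        return hashlib.sha512(chosen).digest()
    raise ValueError(f"unknown matching type {matching_type}")


def make_tlsa(cert_der: bytes, spki_der: bytes, usage: int = 3,
              selector: int = 1, matching_type: int = 1) -> TLSA:
    """Build the record the domain owner publishes (default 3 1 1: pin the key's SHA-256)."""
    return TLSA(usage, selector, matching_type,
                association_data(selector, matching_type, cert_der, spki_der))


def presentation(owner: str, rec: TLSA) -> str:
    """Zone-file form, e.g. '_443._tcp.example.com. IN TLSA 3 1 1 <hex>'."""
    return f"{owner} IN TLSA {rec.usage} {rec.selector} {rec.matching_type} {rec.data.hex()}"


def dane_ee_accepts(records, cert_der: bytes, spki_der: bytes, dnssec_validated: bool) -> bool:
    """Accept the presented certificate only if the TLSA answer was DNSSEC-validated
    and a usage-3 record matches it. A certificate a CA was tricked into issuing
    for the same name carries a different key, so it fails closed."""
    if not dnssec_validated:  # an unsigned answer gives no DANE assurance at all
        return False
    return any(r.usage == 3 and
               r.data == association_data(r.selector, r.matching_type, cert_der, spki_der)
               for r in records)


# Constructed placeholder bytes standing in for real DER encodings.
LEGIT_CERT, LEGIT_SPKI = b"constructed-der-cert-legit", b"constructed-spki-legit"
ROGUE_CERT, ROGUE_SPKI = b"constructed-der-cert-rogue", b"constructed-spki-rogue"
```
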