12/03/2014

#sonyhack : Sony will have to change all its certificates

they are all in the wild and will be used and abused in viruses and spam and phishing

and so are there a few more folders with certificates

it also shows that they had access to the Network Administrator servers and to the root of the servers - except if these were organised centrally and only that server was compromised

Another question is what now the browsers and the others will do. If they are consistent with previous actions, they will now declare all the Sony certificates invalid which will make them invalid and so Sony will in fact have to close down all its encrypted protected logins and services untill they have replaced all the certificates with new ones - if they can prove the certificate provider that they have full control over their servers and the network

if the hackers really want to create havoc they steal the new certificates just to proof that they are master of the Sony network who even with the best cyberdefenses couldn't stop them from stealing that information without getting caught - except if it is a honeypot or trap off course

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.