Kaspersky fixes a certificate validation bug affecting 400 million users

Kaspersky has fixed a certificate validation bug in its antivirus software that affected 400 million users.

The bug was discovered by Google's persistent bug hunter Tavis Ormandy. The flaw lies in how the company's antivirus inspects encrypted traffic.

Because it decrypts TLS traffic in order to inspect it, Kaspersky installs its own root certificate as a trusted authority and re-signs the certificate of every site the user visits. If a user opens Google in the browser, for example, the site's certificate will appear to have been issued by Kaspersky Personal Root rather than by Google's own certificate authority.

The problem Ormandy found was that the way Kaspersky keeps track of the certificates it generates was incredibly weak.

"As new certificates and keys are created, they are entered using the first 32 bits of MD5 (serialNumber || issuer) as a key… You do not need to be a cryptographer to understand that a 32-bit key is not enough to prevent brute-force attacks", says the researcher.

In the bug report Ormandy provided a proof of concept: a certificate collision between Hacker News and manchesterct.gov:

"If you are using Kaspersky Antivirus in Manchester, and you are wondering why Hacker News does not work sometimes, it is because a critical vulnerability has disabled SSL authentication for 400 million Kaspersky users."
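As an added illustration (not code from Kaspersky or from Ormandy's report), the following Python script models the cache key quoted above and shows two consequences of truncating it to 32 bits: a birthday-style search over randomly constructed certificate identities finds two unrelated ones sharing a key after tens of thousands of draws, which is why two ordinary sites such as Hacker News and manchesterct.gov can collide by chance, and a targeted search for a serial number matching a chosen key needs about 2^31 MD5 computations on average, a matter of seconds in native code. The issuer names, serial numbers and function names are constructed for the example; the exact byte encoding of serialNumber and issuer that Kaspersky hashed is not given on the page, so the script simply concatenates the raw bytes.

```python
import hashlib
import math
import random

# Constructed issuer names for the example. Real issuers are X.509
# Distinguished Names, but the key only depends on the bytes hashed.
ISSUERS = [
    b"CN=Example Root CA,O=Example Trust",
    b"CN=Sample Public CA,O=Sample Certs Ltd",
    b"CN=Demo Issuing CA 1,O=Demo PKI",
]


def cache_key(serial: bytes, issuer: bytes) -> bytes:
    """The key described in the report: the first 32 bits (4 bytes) of
    MD5(serialNumber || issuer). Note what is not hashed: the subject, the
    public key and the validity period. Any two certificates whose
    serial/issuer bytes hash to the same prefix are treated as the same."""
    return hashlib.md5(serial + issuer).digest()[:4]


def expected_certs_until_collision(bits: int = 32) -> float:
    """Birthday bound: roughly sqrt(pi/2 * 2^bits) random keys before two
    of them coincide. For 32 bits that is about 82,000 certificates."""
    return math.sqrt(math.pi / 2 * (1 << bits))


def find_accidental_collision(n_certs: int, seed: int = 1):
    """Draw random (serial, issuer) pairs, as if many unrelated sites were
    visited, and stop at the first two distinct pairs that share a key.
    Returns (draws_needed, pair_a, pair_b), or None if nothing collided."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    seen = {}
    for i in range(1, n_certs + 1):
        # constructed identity: random 16-byte serial under one of the issuers
        pair = (rng.getrandbits(128).to_bytes(16, "big"), rng.choice(ISSUERS))
        key = cache_key(*pair)
        if key in seen and seen[key] != pair:
            return i, seen[key], pair
        seen.setdefault(key, pair)
    return None


def find_colliding_serial(target_serial: bytes, target_issuer: bytes,
                          attacker_issuer: bytes, max_attempts: int):
    """Targeted search: enumerate serial numbers under an issuer of the
    searcher's choosing until one maps to the target's key. With a 32-bit
    key this costs about 2^31 MD5 calls on average, which is the report's
    point: trivial for native code, so max_attempts bounds the demo here."""
    target = cache_key(target_serial, target_issuer)
    for n in range(max_attempts):
        serial = n.to_bytes(8, "big")
        if cache_key(serial, attacker_issuer) == target:
            return serial
    return None


if __name__ == "__main__":
    print("expected certificates before a chance collision: %.0f"
          % expected_certs_until_collision())
    hit = find_accidental_collision(400_000, seed=7)
    if hit is not None:
        draws, a, b = hit
        print("after %d random certificates two of them share key %s"
              % (draws, cache_key(*a).hex()))
        print("  serial %s under %s" % (a[0].hex(), a[1].decode()))
        print("  serial %s under %s" % (b[0].hex(), b[1].decode()))
```

The accidental collision is the situation in the proof of concept: no attacker is needed, two sites simply end up with the same 32-bit key and the one visited second is served the certificate generated for the first. The targeted search is what the quote means by brute force; a 128-bit or longer key, or simply keying on the full certificate, would have made both infeasible.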

Kaspersky reportedly fixed the bug on 28 December.


Written by giorgos
