Superfish certificate encryption key cracked

The security certificate used by the Superfish add-on that Lenovo installed on its computers has just been cracked.

Recently, we reported that the Superfish software used by Lenovo generates a security certificate to re-sign all the security certificates it receives from HTTPS pages, such as banking pages, essentially allowing access to plaintext information in traffic between the user and a server that would otherwise be encrypted.

Many security experts who have examined the subject have discovered that the add-on uses the same RSA key (1024 bits) on all devices, which means that if someone manages to break it, they will be able to "read" the encrypted traffic exchanged between a user of a Lenovo computer and a secure service. This is exactly what Robert Graham, Chief Executive Officer of Errata Security, did.

The researcher used a system with Superfish installed and dumped the data that its processes generated in system memory.

After discovering the encrypted private key of the security certificate used by Superfish, along with the certificate itself, he tried to verify that the key was protected with a password.
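As an added example (not from the original article or from Graham's work), a release audit can catch the underlying defect, a private key shipped inside the product, before it reaches users. The sketch scans any byte blob for PEM-armored private keys and reports whether each one is passphrase-protected; the PEM encoding, the name `find_private_keys` and the sample bytes are assumptions constructed for illustration.

```python
import re

# PEM-armored private keys inside arbitrary bytes (installer, DLL, memory dump).
PEM_KEY = re.compile(
    rb"-----BEGIN ((?:RSA |EC |DSA |ENCRYPTED )?PRIVATE KEY)-----"
    rb"(.*?)-----END \1-----",
    re.DOTALL,
)

def find_private_keys(blob: bytes):
    """Return (offset, label, protection) for every PEM private key in blob."""
    findings = []
    for m in PEM_KEY.finditer(blob):
        label, body = m.group(1).decode(), m.group(2)
        if label == "ENCRYPTED PRIVATE KEY":
            # PKCS#8 container: encryption parameters live inside the DER body.
            protection = "pkcs8-encrypted"
        elif b"Proc-Type: 4,ENCRYPTED" in body:
            # Legacy OpenSSL armor: the DEK-Info header names the cipher.
            dek = re.search(rb"DEK-Info: ([A-Za-z0-9-]+)", body)
            cipher = dek.group(1).decode() if dek else "unknown"
            protection = "legacy-encrypted:" + cipher
        else:
            protection = "plaintext"
        findings.append((m.start(), label, protection))
    return findings

# Constructed sample: junk bytes around two fake key blocks. The base64 text
# is a placeholder string, not real key material.
SAMPLE = (
    b"\x00\x01MZ\x90junk"
    b"-----BEGIN RSA PRIVATE KEY-----\n"
    b"Proc-Type: 4,ENCRYPTED\n"
    b"DEK-Info: DES-EDE3-CBC,0011223344556677\n\n"
    b"Q09OU1RSVUNURUQgUExBQ0VIT0xERVI=\n"
    b"-----END RSA PRIVATE KEY-----\n"
    b"\xff\xfemore junk"
    b"-----BEGIN PRIVATE KEY-----\n"
    b"Q09OU1RSVUNURUQgUExBQ0VIT0xERVI=\n"
    b"-----END PRIVATE KEY-----\n"
)

if __name__ == "__main__":
    for offset, label, protection in find_private_keys(SAMPLE):
        print(f"offset {offset}: {label} ({protection})")
```

A hit marked as encrypted is still a finding, since the key is then only as safe as its passphrase.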

Cracking the password turned out to be a bit more difficult than expected, since it required a modified brute-force program, so Graham had to develop new brute-force software for his needs.

He assumed that the password would not be complicated, so he told the program to search only among lowercase letters. In less than 10 seconds, he discovered the password, which was "komodia."

The password decrypts the root certificate and could be used in man-in-the-middle attacks against Lenovo users who have Superfish installed on their system.


Written by Dimitris
