Industry News Home More stories like this... RSS Feed

CAs under scrutiny over internet security

Internet security concerns have been raised following the successful demonstration of a key weakness in the internet infrastructure that could leave many end users exposed to online threats, reports say.

The vulnerability could enable hackers to launch virtually undetectable attacks by intercepting traffic that is supposed to be secure, the international team of online security experts from the Netherlands, Switzerland and the US showed.

According to the researchers, certificate authorities (CAs), which are charged with the responsibility of helping internet users to distinguish legitimate sites from fake ones, need not be trusted blindly, reports the Washington Post.

Jacob Appelbaum, one of the researchers, said: "Signing certs with MD5 in 2008 is negligent. The problem is that we trust these CA companies, and maybe we shouldn't."

The researchers were able to mimic the digital identity and authority assigned to RapidSSL, one of the many CAs, which are trusted by manufacturers of internet browsers.

Banks and e-commerce websites, which are trusted by many internet users, use certificates from such companies to highlight their security.

Internet security that offers effective three way protection against malware, spam and hackers. Visit www.pctools.com to upgrade your protection