V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member Sign In
This topic created in 5511 days ago, the information mentioned may be changed or developed.
原文在此 http://pastebin.com/74KXCaEZ
就是前面闹得很凶的ssl证书盗签事件 不过这次貌似伊朗黑客当了冤大头了 有人不信 所以这位黑客贴出了TrustDll.dll的反编译结果 http://pastebin.com/DBDqm6Km
这不是一次有组织的攻击 不过确实是一次精心策划的攻击 攻击者也不是一群人 而是一个人
这位黑客挺有趣 从文中我们知道即使是gmail 也是不安全的 gov想看 那它就能看
摘自原文
“When USA and Isrel can read my emails in Yahoo, Hotmail, Skype, Gmail, etc. without any simple
little problem, when they can spy using Echelon, I can do anything I can. It's a simple rule.”
“I see some people suggests using VPNs, some people suggests TOR, some other suggests UltraSurf, etc. Are you sure you are safe using those? RSA 2048 was not able to resist in front of me, do you think UltraSurf can?”
well 想起安全圈里的一句话“没有绝对的安全...”
就是前面闹得很凶的ssl证书盗签事件 不过这次貌似伊朗黑客当了冤大头了 有人不信 所以这位黑客贴出了TrustDll.dll的反编译结果 http://pastebin.com/DBDqm6Km
这不是一次有组织的攻击 不过确实是一次精心策划的攻击 攻击者也不是一群人 而是一个人
这位黑客挺有趣 从文中我们知道即使是gmail 也是不安全的 gov想看 那它就能看
摘自原文
“When USA and Isrel can read my emails in Yahoo, Hotmail, Skype, Gmail, etc. without any simple
little problem, when they can spy using Echelon, I can do anything I can. It's a simple rule.”
“I see some people suggests using VPNs, some people suggests TOR, some other suggests UltraSurf, etc. Are you sure you are safe using those? RSA 2048 was not able to resist in front of me, do you think UltraSurf can?”
well 想起安全圈里的一句话“没有绝对的安全...”
Supplement 1 · Jun 19, 2013
翻到自己的旧帖子 所以上面提到的这个“Echelon” 其实就是PRISM么
 |
1
ihacku OP solidot今天有相关信息 http://internet.solidot.org/internet/11/03/29/051240.shtml
国内的媒体还是有延时性 以及 太娱乐了... 面对众人的质疑 该黑客放出了新的证据 mozilla插件的证书以及私钥 http://pastebin.com/X8znzPWH HD Moore也在推上表示此事基本不差了 |
 |
2
est Mar 29, 2011
yeah it takes 1,000 hackers to POSt something to a Comodo server.
|
|
3
ihacku OP 关于此事件 另有邮件采访一篇
http://erratasec.blogspot.com/2011/03/interview-with-comodohacker.html 也让我们了解到此位黑客只是一名学习软件工程的伊朗学生 尤其对密码学感兴趣 每天都大概花15小时在上面 |
Select Language