You may not know it, but a lot goes on behind the scenes when you log into your favorite web site. Even more goes on when you log into a web site that is considered high security, such as your bank or your stock brokerage account. Sites like these need extra consideration because they are likely targets of the bad guys on the web. If a black hat hacker were able to get into your banking web site and take over your identity, there is no limit to the damage that he could do to you. So when a bank creates a web site, they make sure that it is built to a higher standard than most sites that you log into.
Even web sites that are not considered as important as a banking web site are starting to raise their security standards to banking levels and beyond. Sites such as Facebook are really concerned about the security of the people who visit. There is a lot of personal information that is being stored about you on a site like Facebook, so they want to be able to help you protect it. You are going to start to see more and more web sites go this route because your security is important.
The CA breach
But unfortunately, even the tools that are being used to protect you are not infallible. There are times when they are the weak links in the security chain as well. This is why security experts cannot rely on the reputation of the products that they use and just assume that everything is working fine. They must check on these items all of the time to make sure that everything is working as intended.
Just recently, the CA servers of a company named DigiNotar were breached. If you do not know, CA stands for Certificate Authority. A certificate authority is a third party that verifies which web site you are connected to when you log in. There are a lot of bad guys on the internet who try to fake a web site by copying the looks of it. They will also change one or two letters in the domain that you see in the address bar to try and further confuse you. So to prevent this from happening, web sites pay a certificate authority to issue a digital certificate that tells the end user's browser it is on the right web site. Sometimes when you are surfing the web you will see a warning from your browser telling you that the site's certificate does not match up or does not come from a CA that the browser trusts. It will then ask you if you want to proceed or not. It will advise you against it because the browser does not trust the web site. This is what a CA is good for.
But like we said earlier in the article, this particular company's CA had been compromised by outside forces. And the people who did it were not very subtle about it. They let it be known that they had done it once and were able to do it again. This is a bad thing when it comes to the internet. A problem like this can go beyond just banking. There are many government web sites which use this same kind of technology as well. If the bad guys are able to compromise the inner workings of a government web site because of a breach in CA security, then there is no predicting the damage that can be done. Millions of people from around the world do business every day with their government web sites. And not all of the governments around the world are quick to fix a hole like this on their systems. This could lead to a lot of people becoming compromised just because they went to their government's web site to update their license.
Many of the browser vendors, such as the makers of Firefox and Internet Explorer, and Google with their Chrome browser, are rejecting certificates issued by DigiNotar. The company claims that they have fixed all of their problems, but none of the browser vendors trust them just yet.
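What that rejection means in practice, as an added example that is not part of the original article: the script below uses the openssl command-line tool to create two throwaway CAs and checks site certificates against a trust store before and after one root is removed. The names breached-ca, other-ca, bank.example and shop.example are constructed for illustration, and an installed openssl is assumed.

```shell
#!/bin/sh
# Added example. Every name, key and certificate here is constructed locally;
# "breached-ca" stands in for a CA that a browser vendor has decided to distrust.

# check_leaf STORE CERT -> prints "trusted" or "rejected"
check_leaf() {
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; then
        echo trusted
    else
        echo rejected
    fi
}

# make_ca DIR NAME -> self-signed root certificate DIR/NAME.pem
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
        -subj "/CN=$2 (constructed)" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# make_leaf DIR CA HOST -> site certificate DIR/HOST.pem signed by CA
make_leaf() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -days 1 \
        -CA "$1/$2.pem" -CAkey "$1/$2.key" -CAcreateserial \
        -out "$1/$3.pem" 2>/dev/null
}

# run_demo -> prints "<bank before> <bank after> <shop after>"
run_demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" breached-ca && make_ca "$d" other-ca &&
    make_leaf "$d" breached-ca bank.example &&
    make_leaf "$d" other-ca shop.example || { rm -rf "$d"; return 1; }
    # Trust store before the vendor update: both roots are trusted.
    cat "$d/breached-ca.pem" "$d/other-ca.pem" > "$d/before.pem"
    # Trust store after the update: the breached root has been removed.
    cp "$d/other-ca.pem" "$d/after.pem"
    echo "$(check_leaf "$d/before.pem" "$d/bank.example.pem")" \
         "$(check_leaf "$d/after.pem" "$d/bank.example.pem")" \
         "$(check_leaf "$d/after.pem" "$d/shop.example.pem")"
    rm -rf "$d"
}

run_demo   # prints: trusted rejected trusted
```

Removing the root invalidates every certificate that chains to it, genuine or forged, while certificates from other CAs are unaffected.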
This just goes to show that if you are someone who provides a service that needs to be protected, you can never let your security lapse. Even when it is in the hands of a trusted service you must always keep your eyes open to make sure everything is okay.