Linked by Thom Holwerda on Mon 5th Sep 2011 22:26 UTC
Privacy, Security, Encryption

So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisations within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Thread beginning with comment 488581
Can it really get worse?
by Soulbender on Mon 5th Sep 2011 22:33 UTC
Soulbender Member since:
2005-08-18

Well, considering how incredibly bad the private company screwed up it's not like it can get much worse.

Reply Score: 5

RE: Can it really get worse?
by Delgarde on Mon 5th Sep 2011 23:43 in reply to "Can it really get worse?"
Delgarde Member since:
2008-08-19

Well, considering how incredibly bad the private company screwed up it's not like it can get much worse.


Don't say that... they'll take it as a challenge... ;)

Reply Parent Score: 6

RE[2]: Can it really get worse?
by mrstep on Tue 6th Sep 2011 19:40 in reply to "RE: Can it really get worse?"
mrstep Member since:
2009-07-18

They didn't screw up - they implemented stuff that doesn't work, and now will get paid even more to get it to actually work. Or maybe they'll get it working in the next upgrade. The execs got some nice bonuses, lawmakers/police now have a way to track people...

Problems? What problems? Thom, you just worry too much!

Reply Parent Score: 1

Berend de Boer Member since:
2005-10-19

With private companies you get to choose if you want their services. With the government it's a monopoly, you don't get to choose if you use it, nor if you want to pay for it.

Reply Parent Score: 1

Soulbender Member since:
2005-08-18

Except I haven't read anything about the Dutch government monopolizing the CA business. You're still allowed to start your own CA business if you want to and you're free to not use DigiNotar.

Reply Parent Score: 2

RE[2]: Can it really get worse?
by zima on Mon 12th Sep 2011 23:22 in reply to "RE: Can it really get worse?"
zima Member since:
2005-07-06

Of course you can choose it. And not only by, say, finding a large enough like-minded group of people for a peaceful coup and/or shopping for a gov that is to your liking on the world marketplace (and if there isn't any - tough luck, maybe humanity isn't for you*).

It is fairly easy to use hardly any services, and pay for none - being simply below the taxation threshold ...wait, what, you do want to live comfortably in an environment provided by modern society? Then don't escape from what is just the "cost of doing business" - you don't expect the landlord, who makes sure you have a comfortable place to live, to not get his rent money just because you don't feel like it, right? Or likewise with comfortable utilities you're so used to? (which BTW would be a disaster without regulation; not safe, immense waste of incompatibilities and duplication, etc.; with many people unable to choose water, electricity... most areas would be without these services if there were no intervention, as is still the case in many areas around the world)


*If humanity at large isn't willing to fulfil your whims, "deliver you what you want" to use your words elsewhere from this thread, maybe it's time to sign out ...or at least not be a hypocrite, not live where you benefit abundantly from the comforts provided by an integrated society.

Reply Parent Score: 2

RE: Can it really get worse?
by Lennie on Tue 6th Sep 2011 11:14 in reply to "Can it really get worse?"
Lennie Member since:
2007-09-22

If the Dutch government would get only a few things right, they would be doing things better than DigiNotar and would prevent many other attacks.

I think the Dutch government could have one team in one organisation that handles offline signing.

That means it is not in any way connected to the online world like DigiNotar.

They check a number of things (simplified):
- they receive a request by PGP-signed email

- check if they are on the contact-list and PGP checks out.

- look at the name of the request and see if it doesn't have *.google.com or other silly things like municipality X does not need to create a certificate for the website of municipality Y.

- call the people at the other end if they sent the email

- check the numbers on the certificate request over the phone.

- create the certificate

- email it back, PGP signed.

Done, much more secure than what they had before.

Edited 2011-09-06 11:15 UTC

Reply Parent Score: 2
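
The checklist in Lennie's comment above, sketched as an added example (not part of the original thread and not any CA's actual tooling). It assumes the PGP signature was verified separately and is passed in as `pgp_ok`, and that "the numbers" read over the phone are a SHA-256 digest of the request; the contact list, fingerprints and domain names are constructed.

```python
import hashlib

# Constructed contact list: PGP fingerprint of a known requester -> the
# organisation and the DNS domains it may request certificates for.
CONTACTS = {
    "AAAA1111": {"org": "Municipality X", "domains": ["x.example.nl"]},
    "BBBB2222": {"org": "Municipality Y", "domains": ["y.example.nl"]},
}

def name_allowed(name, domains):
    """Allow only exact names or subdomains of the requester's own domains."""
    name = name.lower().rstrip(".")
    if "*" in name:  # no wildcards at all in this sketch
        return False
    return any(name == d or name.endswith("." + d) for d in domains)

def request_digest(csr_bytes):
    """SHA-256 of the request, in 4-character groups for reading over the phone."""
    h = hashlib.sha256(csr_bytes).hexdigest().upper()
    return " ".join(h[i:i + 4] for i in range(0, len(h), 4))

def vet_request(signer_fpr, pgp_ok, names, csr_bytes, read_back):
    """Return (approved, reasons). Any single failed check blocks signing."""
    reasons = []
    if not pgp_ok:
        reasons.append("PGP signature did not verify")
    contact = CONTACTS.get(signer_fpr)
    if contact is None:
        reasons.append("signer is not on the contact list")
    elif not names:
        reasons.append("request contains no names")
    else:
        for n in names:
            if not name_allowed(n, contact["domains"]):
                reasons.append(f"{contact['org']} may not request {n}")
    if read_back.replace(" ", "").upper() != request_digest(csr_bytes).replace(" ", ""):
        reasons.append("digest read back by phone does not match the request")
    return (not reasons, reasons)

if __name__ == "__main__":
    csr = b"constructed CSR bytes, stands in for the DER request"
    good = request_digest(csr)
    print(vet_request("AAAA1111", True, ["www.x.example.nl"], csr, good))
    print(vet_request("AAAA1111", True, ["*.google.com"], csr, good))
    print(vet_request("AAAA1111", True, ["www.y.example.nl"], csr, good))
```
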