Iranian activists endangered by delay of SSL theft disclosure, researchers claim
Google, Yahoo and Skype among victims of theft By Gregg Keizer | Computerworld US | Published: 17:54, 25 March 11 The delay in disclosing a theft of the digital certificates for some of the web's biggest sites, including Google, Skype, Microsoft and Yahoo, put Iranian activists' lives at risk, a researcher argued Wednesday. Comodo, the Jersey City, NJ-based security company whose reseller issued the bogus certificates, disputed the charge, saying that at no time was anyone at risk. Last week, attackers used a valid username and password to obtain nine SSL certificates - used to prove that a site is legitimate - from an Comodo affiliate. The certificates were for six websites, including the log-on sites for Microsoft's Hotmail, Google's Gmail, the Internet phone and chat service Skype and Yahoo Mail. A certificate for Mozilla's Firefox add-on site was also acquired. Iran accused of stealing SSL certificates to crack down on dissent | Iran builds two new super