Alan Lawhon
lawhonac at hiwaay.net
Sat Sep 17 10:39:08 CDT 2011
http://windowssecrets.com/top-story/the-sorry-tale-of-the-unsecure-sockets-layer/

http://tinyurl.com/3z9awxj

This is a follow-up article to the story concerning corrupted root certificates which I posted last week. Microsoft issued an out-of-cycle security patch to eliminate the source of the phony certificates (i.e. DigiNotar) and remove the threat to users of Internet Explorer and other browsers. Since more than 99 percent of the potential "victims" of this security breach were located over in Iran, Woody Leonhard seems to be implying that this may be a case of the Government of Iran eavesdropping on its citizens; thus there is little (if any) chance of this breach adversely affecting users outside of Iran - like us. Still, his analysis of the "lax process" by which root certificates are issued is illuminating.

At the end of his article, Woody recommends that users consider modifying their "Hosts" file (to read only) in order to "lock" their system and prevent man-in-the-middle attacks and other security-related vulnerabilities.

Before I modify a system file, I want to check with the experts on here. Are most of you in agreement that changing your "Hosts" file (to read only) is a good idea? (I wonder why Microsoft doesn't make the "Hosts" file read only by default?)

Alan C. Lawhon