If You’re Using A Product Called PrivDog, The Security Of Your PC May Be Suspect

There’s a new tool out there that claims to protect users against malicious advertising without completely blocking ads. Called PrivDog, it kind of sounds too good to be true. It turns out it might be. Here’s what ITworld had to say:

Over the weekend, a user reported on Hacker News that his system failed an online test designed to detect a man-in-the-middle vulnerability introduced by Superfish, a program preloaded on some Lenovo consumer laptops.

However, his system did not have Superfish installed. Instead, the problem was tracked down to another advertising-related application called PrivDog, which was built with the involvement of Comodo’s CEO, Melih Abdulhayoglu. New PrivDog releases are announced on the Comodo community forum by people tagged as Comodo staff.

Well, that’s delightful. When this was examined further, it turned out that this may be worse than the adware that Lenovo put on their computers. Yikes! Here are the details on that:

A quick analysis shows that it doesn’t have the same flaw as Superfish, but it has another one which arguably is even bigger. While Superfish used the same certificate and key on all hosts, PrivDog recreates a key/cert on every installation. However, here comes the big flaw: PrivDog will intercept every certificate and replace it with one signed by its root key. And that means also certificates that weren’t valid in the first place. It will turn your browser into one that just accepts every HTTPS certificate out there, whether it’s been signed by a certificate authority or not. We’re still trying to figure out the details, but it looks pretty bad.

Lovely. That means that pretty much anything can pwn you if you’re not careful. Or even if you are careful.
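
The flaw described in the quoted analysis, modelled as an added example (not code from PrivDog or from the original post): it compares an intercepting proxy that re-signs every certificate with one that validates the upstream certificate first. An HMAC stands in for a real CA signature, and the CA names, keys and the host `bank.example` are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str      # host name the certificate claims
    issuer: str       # name of the signing CA
    signature: bytes  # HMAC stand-in for the CA's signature (assumption of this model)

def sign(subject: str, issuer: str, key: bytes) -> Cert:
    mac = hmac.new(key, f"{issuer}|{subject}".encode(), hashlib.sha256).digest()
    return Cert(subject, issuer, mac)

def is_valid(cert: Cert, host: str, roots: dict) -> bool:
    """Accept only a cert for `host` whose issuer is in the trust store."""
    key = roots.get(cert.issuer)
    if key is None or cert.subject != host:
        return False
    expected = sign(cert.subject, cert.issuer, key).signature
    return hmac.compare_digest(cert.signature, expected)

# Constructed sample data: one public CA and one per-install interception root.
PUBLIC_ROOTS = {"Public CA": b"public-ca-key"}
LOCAL_ROOT = ("Local Interception Root", b"per-install-key")
# The browser trusts the public roots plus the root the product installed.
BROWSER_ROOTS = {**PUBLIC_ROOTS, LOCAL_ROOT[0]: LOCAL_ROOT[1]}

def proxy_resign(upstream: Cert, host: str, validate_upstream: bool):
    """Return the cert the proxy shows the browser, or None if it refuses."""
    if validate_upstream and not is_valid(upstream, host, PUBLIC_ROOTS):
        return None  # hardened behaviour: surface the error, never re-sign
    # With validate_upstream=False this is reached even for invalid upstream certs.
    return sign(host, *LOCAL_ROOT)

def browser_accepts(upstream: Cert, host: str, validate_upstream: bool) -> bool:
    shown = proxy_resign(upstream, host, validate_upstream)
    return shown is not None and is_valid(shown, host, BROWSER_ROOTS)

GOOD = sign("bank.example", "Public CA", PUBLIC_ROOTS["Public CA"])
SELF_SIGNED = sign("bank.example", "bank.example", b"unknown-key")

if __name__ == "__main__":
    for name, cert in (("valid", GOOD), ("self-signed", SELF_SIGNED)):
        print(name,
              "direct:", is_valid(cert, "bank.example", BROWSER_ROOTS),
              "flawed proxy:", browser_accepts(cert, "bank.example", False),
              "validating proxy:", browser_accepts(cert, "bank.example", True))
```

A per-install key does not help here: the browser's trust decision is only as good as the validation the proxy performs before it re-signs.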

Given the seriousness of this latest threat, I hope that the people behind this software get slapped pretty hard so that it sends a message that this sort of nonsense is unacceptable.
