-
Hmmm... I can't validate my Domain certificate via
#Trustico, it just ends up sending weird curl requests to my server.
Anyone got an idea whats wrong? pic.twitter.com/IkvMHZ8aLJ
Prikaži ovu nit -
-
Stop trusting CAs. Take back control over who you trust. Give us a call.
#trustico https://twitter.com/geofft/status/968937773691539458 … -
We don't keep your keys - so we can't lose them
#Trustico > https://www.globalsign.com/en/ssl/switch/ pic.twitter.com/3Jm7oEhPqO
-
-
Ever wonder what happens when your SSL certificate gets revoked? We (and 22,999 others evidently) found out recently. Your website just stops working with no option to ignore errors, which is appropriate, I suppose. Some browsers/devices took while to catch on. Thanks
#trustico. pic.twitter.com/j1W0PcqaFc
Prikaži ovu nit -
23,000
#HTTPS certs will be axed in next 24 hours after private keys leak Customers of HTTPS certificate reseller#trustico are reeling after being told their#websites#security certs – as many as 23,000 – will be rendered useless within the next 24 hours.#websecuritypic.twitter.com/UowZrh1sJo
-
This is the latest invention, a so called shared private key :) you can do many stuff with those ex email 20k of this
#trustico -
Explore this RiskIQ PassiveTotal Public Project to pivot on a sample of
#Trustico certificates affected by the recent security blunder, in which they sent private keys in a corporate email: http://bit.ly/2F8Vpcm -
I was able to uncover secret video of the Trustico kerfuffle from this morning:
#trustico pic.twitter.com/hzmO43fXyj -
WTAF? Has anyone at
#trustico ever heard of the word security? Why not just have all admin pages open with no need for credentials...there really are no words! -
Oh god, they're also passing unescaped curl arguments to a root shell.
#Trustico is easily the least secure SSL reseller in history... https://twitter.com/svblxyz/status/969220402768736258 …
Hmmm... I can't validate my Domain certificate via#Trustico, it just ends up sending weird curl requests to my server. Anyone got an idea whats wrong? pic.twitter.com/IkvMHZ8aLJPrikaži ovu nit -
The
#Trustico Epic Fail Saga - S1E1 Shockingly cavalier https://buff.ly/2t9uabV - S1E2 Add remote-code execution hole to mass-revocation drama https://buff.ly/2t7cX31 - S1E3 About as bad as it gets https://buff.ly/2t9y7gS No CVE needed to enter the Pwnie Awards 2018 -
If this utter fuck up shows anything it's that the certificate reseller market needs killing. Commercial CAs need to stop proxying trust to organisations like this
#trustico https://twitter.com/teamcymru/status/968960757361758214 …
-
I wonder how many other SSL resellers are out there creating and storing their customers private keys?
#trustico -
Don't think this is just a
#Trustico problem, here's@sslsecurity providing me with a pre-compromised private key:pic.twitter.com/fS2l8h0LBf
Prikaži ovu nit -
Geeze trustico. Why does your CEO have access to the keystore? As I need the business reason so I can update my processes and standards documents I supply to my clients! Even I never considered that access requirement!
#trustico#ilearnedsomething -
Hi Kelly, about that ordering system...
#trustico pic.twitter.com/1K5x2nGHs2
-
And some command injection that gets executed as root, because why not. Solid work by
#Trustico
https://twitter.com/cujanovic/status/969229397508153350 … -
#Trustico well... so bad
Norton Secured" 
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.