thread cc @sraub
-
-
Replying to @stanzillaz @taviso and
Yes, of course it is a valid certificate. Not seeing the issue here, care to explain?
1 reply 0 retweets 2 likes -
Replying to @sraub @stanzillaz and
The only way that could have been implemented is if the private key is embedded in the binary. That is considered a key compromise, and CA's are *obligated* to revoke it.
2 replies 0 retweets 12 likes -
Here is a relevant recent discussionhttps://groups.google.com/d/msg/mozilla.dev.security.policy/T6emeoE-lCU/-k-A2dEdAQAJ …
2 replies 1 retweet 5 likes -
and here the latest incident of this kind involving microsofthttps://www.golem.de/news/microsoft-dynamics-365-wildcard-certificate-with-a-private-key-for-everyone-1712-131544.html …
1 reply 1 retweet 1 like -
That sounds concerning but doesn't seem related. http://localbattle.net is isolated domain on purpose. connections treated as insecure and other security measures are employed as necessary.
1 reply 0 retweets 0 likes -
The attack would be a mitm replies to http://localbattle.net with a non-loopback address, extracts the private-key from the binary and then can steal authentication data or whatever.
2 replies 0 retweets 3 likes -
The localhost endpoint is not relying on the certificate for security. The endpoint is treated with the same level of trust as a raw http connection. Other countermeasures are employed instead. Genuinely curious if there is a way to actually get anything out of it.
1 reply 0 retweets 0 likes -
Confused by what "trust" you mean here. The only reason it's "localhost" is because that's what dns says, an attacker (e.g. hotel wi-fi) can lie and you would be talking to them instead.
1 reply 0 retweets 0 likes -
Bad attempt at a generalized response. Implementation accounts for the possibility of dns hijacking and mitm attacks on both ends (browser and desktop endpoint).
3 replies 0 retweets 1 like
Hmm, can you email me from a blizzard email address? I can't give more details publicly without giving away the whole attack. I'm taviso <at> google <dot> com.
-
-
Hey, I sent you an email with some more examples of some security problems with http://Battle.net , would be amazing if you could look into them from a professional point of view.
1 reply 0 retweets 1 like -
only tavis? (not sure who you mean with "you", I'll happily also have a look, but certainly not as skilled as tavis)
0 replies 0 retweets 0 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.