First there was a $300m bank heist that was driven out of the news by the NSA (again) snooping on everyone (well, yeah.. this is news?) and then the news broke of one of the most boneheaded tech decisions since Sony’s rootkit laden audio CDs.
With that kind of week, you know the awesome weight of attention turned on one little company’s products,ie.. superfish, was going to turn up more and more fun for us security types. Lo and behold, here’s what’s behind door number 2.
The SSL exploit code has been identified in at least a dozen more apps, several of them marketed as security apps. If that wasn’t enough, it’s been discovered that it also signs invalid or self-signed certificates for you and presents them as valid to the browser. An in depth technical explanation of just how nasty this can be is out at filipo.io who seems to be rapidly becoming the go-to place for info on this debacle.
Microsoft has stepped up to the plate with an update to Windows Defender to help clean up this mess. All I see in Windows Updates is one for IE 11 and an ASLR but in Jscript9.dll. I haven’ t tracked down the details from Microsoft’s site about the Defender update, but The Verge has some good info on it.
So now that the work deployment I’m assisting with (I’m on call.. if it goes bad, I get woken up anyway so might as well be useful, ya know?) is done, I’ll bring this post to a close and leave you all crying in your beer and cursing at your packet dumps. After all, how much worse could it get?
Scott
