Jump to content


Vendor Security Updates for DigiNotar Certificates


  • Please log in to reply
24 replies to this topic

#1 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,355 posts

Posted 06 September 2011 - 06:20 PM

Microsoft Security Advisory 2607712 has been updated to revoke the trust of the DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store.The update is available via Automatic Update and applies to all supported releases of Microsoft Windows, including Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.Copied below are the known issues from Microsoft KB Article 2607712, Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing for this update.

Quote

Known issues    A restart is required for all editions of Windows XP and of Windows Server 2003.    A restart is not required for all editions of Windows Vista, of Windows 7, of Windows Server 2008, and of Windows Server 2008 R2. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.    At the explicit request of the Dutch government, the release of this update on Windows Update will be delayed for the Netherlands.    This update will become available to the Netherlands on Windows Update and on all Automatic Update channels at a later date. Customers who want to manually install this update should click the appropriate platform download in the "Download information" section. On the next page, users will be able to select the language to install and can continue with the download and the installation.

Edited by Corrine, 09 September 2011 - 02:50 PM.
Title updated to reflect content information.

Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#2 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 06 September 2011 - 11:12 PM

Thanks Corrine! Boy are there are a lot of articles out on this already!Microsoft flips 'kill switch' on all DigiNotar certificates

Quote

Permanently blocks all SSL certificates issued by Dutch company hacked in June

Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#3 OFFLINE   crp

crp

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,146 posts

Posted 07 September 2011 - 12:31 AM

:) i've read a bunch of articles, but still do not understand what happened.Did someone get certs for sites that they did not actually own ? How would that actually hurt?
Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience. ~C. S. Lewis

#4 OFFLINE   goretsky

goretsky

    Posting Prodigy

  • Forum Moderators
  • 2,043 posts

Posted 07 September 2011 - 02:50 AM

Hello,DigiNotar, a company which issues digital certificates used to establish cryptographically-secure connections to web sites, was hacked, and over 500 certificates were acquired for high-profile web sites.  Amongst other things, this would allow someone* to monitor what would otherwise be secure, private connections to those sites.  Passwords, emails, personally-identifiable information and other sensitive data could be viewed by someone* who would otherwise not be able to see that information.Regards,Aryeh Goretsky*Such as a government, ISP, or government-owned ISP.
Dexter is a good dog.

Aryeh Goretsky
Microsoft MVP 2004.1-2018.6 [Cloud and Datacenter Management]

(previously Networking, Windows, Windows for Devices and IT)
FacebookGoogle+ personal blogpersonal websiteTwitter work blog

#5 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 07:49 AM

Aryeh, I couldn't have said it better myself. And highlighting the fact that it could be a government, ISP, or government-owned ISP is spot on to the concerns.There was recently an article that suggested that this has already happened in Iran.Delay in disclosing SSL theft put Iranian activists at risk, says researcher (Computerworld)

Quote

The delay in disclosing a theft of the digital certificates for some of the Web's biggest sites, including Google, Skype, Microsoft and Yahoo, put Iranian activists' lives at risk, a researcher argued Wednesday.
But I think EFF explains the issues best.Iranian Man-in-the-Middle Attack Against Google Demonstrates Dangerous Weakness of Certificate Authorities (EFF)

Quote

What’s worse than finding a worm in your apple? Finding half a worm.What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months.People all over the world use Google services for sensitive or private communications every day. Google enables encrypted connections to these services in order to protect users from spying by those who control the network, such as ISPs and governments. Today, the security of this encryption relies entirely on certificates issued by certificate authorities (CAs), which continue to prove vulnerable to attack. When an attacker obtains a fraudulent certificate, he can use it to eavesdrop on the traffic between a user and a website even while the user believes that the connection is secure.The certificate authority system was created decades ago in an era when the biggest on-line security concern was thought to be protecting users from having their credit card numbers intercepted by petty criminals. Today Internet users rely on this system to protect their privacy against nation-states. We doubt it can bear this burden.This latest attack was reportedly caught by a user running the Google Chrome browser in Iran who noticed a warning produced by the “public key pinning” feature which Google introduced in May of this year. Basically, Google hard-coded the fingerprints for its own sites’ encryption keys into Chrome, and told the browser to simply ignore contrary information from certificate authorities. That meant that even if an attacker got a hold of a fake certificate for a Google site—as this attacker did—newer versions of the Chrome browser would not be fooled.Certificate authorities have been caught issuing fraudulent certificates in at least half a dozen high-profile cases in the past two years and EFF has voiced concerns that the problem may be even more widespread. But this is the first time that a fake certificate is known to have been successfully used in the wild. Even worse, the certificate in this attack was issued on July 10th 2011, almost two months ago, and may well have been used to spy on an unknown number of Internet users in Iran from the moment of its issuance until it was revoked earlier today. To be effective, fraudulent certificates do not need to have been issued by the same authority that issued the legitimate certificates. For example, the certificate in question here was issued by a Dutch certificate authority with which Google had no business relationship at all; that didn't make it any less acceptable to web browsers.
Much more in the article...
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#6 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:18 AM

This problem is not only related to issues of privacy related to people who's lives would be in danger, but also, victims of malware purveyors as well.Cryptographic keys for SSL sites are only as good as the honesty of the holder and issuer of those keys, as well as the honesty and security diligence of the issuer, in this case DigiNotar.They would like us to think that SSL is extremely safe, but it's not as safe as those who issue them would like us to believe either. Anyone with money can purchase a SSL certificate, and there have been malware purveyors that have also bought them so folks would 'feel' secure. If you see the lock, you think, "Safe". That's what they want you to think.However, just like anyone can purchase what is considered a 'legitimate' SSL certificate, good, bad or indifferent, there are worse things.'Legitimate' SSL certificates can be created by site owners as well, good, bad, or indifferent.The companies that sell SSL certificates and browser makers put out root certificates for their browers and show green or gold with the lock for those obtained by big name sellers of these certificates. So if you are legitimate site owner who creates their own to save money, you are automatically assumed to be 'not legitimate' by browsers and it shows as red/dangerous to users.I don't see what the solution is, but it really doesn't matter whether you make your own, or if you buy one, you are still playing craps with SSL certificates in many ways these days.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#7 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:26 AM

There is an update on the link on the TOR project with the analysis:

Quote

On Tuesday, Appelbaum published his analysis on the Tor Project's blog. Tor is a system that lets people connect to the Web anonymously, and is often used in countries where governments monitor their citizens' online activities.

Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#8 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:31 AM

Part of that update:

Quote

Comodo has issued a statement confirming everything that I've said and more. They believe that this was a targeted attack by a state level actor and they have named Iran as the country they suspect. Mozilla has now opened the bug reports about the issue to the public. Microsoft has now disclosed their report as well.In the details of their statement we have a confirmation that they have the ability to monitor and thus surveille people who wish to know if certificates are valid.Comodo also clearly demonstrate a mis-understanding - they believe that checks for revocation are proof positive that certificates are being used. They need to read and understand why this is not true.

Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#9 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:35 AM

As you can see, Microsoft has a very important reason for revoking these certificates.Also, Firefox has take the same steps:

Quote

Firefox 6.0.2 and Firefox 3.6.22 remove trust exceptions for certificates issued by Staat der Nederlanden. For additional details, see http://blog.mozilla....moval-follow-up.

Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#10 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:41 AM

Thunderbird has also been updated for the same reason:

Quote

Thunderbird 6.0, 7.0 beta, and 3.1.14 remove trust exceptions for certificates issued by Staat der Nederlanden. For additional details, see http://blog.mozilla....moval-follow-up.
I mention both Firefox and Thunderbird because they are the biggest audiences; but Mozilla said it did this with ALL their products as noted here.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#11 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:43 AM

Opera has done the same thing yesterday, disabling the root store for DigiNotar:

Quote

There is a first time for many things. Sometimes this is positive, but other times it is unfortunate. This time, we're dealing with one of the latter variety.Today, we have updated the Opera Rootstore and disabled the DigiNotar Root (Note: DigiNotar is not in any way associated with DigiCert, which is another CA).The reason for this action is due to last week's news about the large scale attack on DigiNotar's CA systems and the subsequent discoveries about what has happened after the attack.This is the first step in our handling of this incident. We are currently testing further updates that will add the DigiNotar Root to our "Untrusted" repository.That a CA gets attacked and even tricked into issuing certificates that turn out to be fraudulent is not, by itself, a reason to revoke trust in a Root CA. CAs are high profile targets for criminals given the role CAs have in the online security framework; it is how the CA responds to such events that determine how much we can trust it.
More in the article.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#12 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 08:50 AM

And there are some issues related to removal in Safari apparently:How to get rid of DigiNotar digital certificates from OS X (Updated)

Quote

Update 2: After a conversation with Seth Bromberger we have some new details. First, the reason you're unable to replicate this issue is that DigiNotar appears to have re-issued certificates. You can see Seth's screencast showing the issue here (you may need to go fullscreen to see the text). Further, DigiNotar appears to have chained their certificates to the Dutch government, we're not sure why.But there's a larger problem here, and that involves how Keychain and Safari work to try and protect you from unsafe sites -- those signed by bad authorities. Essentially, the way this works in every other browser is that, if you take any certificate in Keychain and say "Never Trust" you will get a warning when visiting a site signed with that CA. In Safari, this doesn't happen. Instead, you must delete the certificate entirely. We're not sure why this is so, but Apple has apparently known about this for a while and done nothing to change what would seem like an obvious method for protecting users.We're working on this story, stay tuned for a separate post. - Victor
What a mess and I wonder if these issues will come up with other OSes/browers as well if the DigiNator has linked their certs with the Dutch government?! Or is this an Apple only issue that apparently Apple has been aware of and not fixed?!More in the article.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#13 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 7,194 posts

Posted 07 September 2011 - 12:05 PM

There might be more fixes coming because GlobalSign has stopped issuing certificates, fearing they might have been hacked.http://www.pcmag.com...,2392525,00.asp
Liz
Registered Linux User # 401459
Posted Image

#14 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,355 posts

Posted 07 September 2011 - 01:01 PM

View PostLilBambi, on Sep 7 2011, 08:35 AM, said:

Also, Firefox has take the same steps:
Firefox 6.0.2 was finally released to the update channel today, even though it has been available via FTP download since Sunday.
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#15 OFFLINE   crp

crp

    Discussion Deity

  • Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,146 posts

Posted 07 September 2011 - 02:40 PM

I think I'm still confused.To me it seems it is not a hack, but a "man-in-the-middle" interception, or more likely a "government-in-the-middle" interception.The DigiNotor was tricked into giving a CERT to maybeIran for https://abc.wwwthe maybeIran setup a DNS so that all traffic that was destined for https://abc.www first went to https://middle.yyy where the data stream was stored and then sent on to the real https://abc.wwwIs this correct? if so, it seems more like DNS poisoning than a hack.
Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience. ~C. S. Lewis

#16 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 7,194 posts

Posted 07 September 2011 - 02:56 PM

http://www.tomsguide...news-12421.htmlWhen a company's servers get broken into, it is a hack.
Liz
Registered Linux User # 401459
Posted Image

#17 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 07 September 2011 - 10:32 PM

View Postzlim, on Sep 7 2011, 02:56 PM, said:

http://www.tomsguide...news-12421.htmlWhen a company's servers get broken into, it is a hack.
Exactly! They couldn't have done a man in the middle very easily with that first step for something like this for sure.Wow, DigiNotar breach affected 531 Certificates. I hadn't know exactly how many till now... and now GlobalSign too. How many others? And could it be part of the reason for some of these malware attacks that seem to come out of nowhere? Where folks really can't finger when they got hit. Most times they remember when something went a bit screwy, but have had a few recently where they really couldn't tell and they were bad infections too. I am talking root kits, backdoors, etc. that are not your normal malware trojans.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#18 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,355 posts

Posted 08 September 2011 - 09:36 AM

From Researcher raps Apple for not blocking stolen SSL certificates:

Quote

Because Safari relies on the underlying operating system to tell it which certificates have been revoked or banned entirely, Apple must update Mac OS X. The Windows edition of Safari, which has a negligible share of the browser market, taps Windows' certificate list: That version is safe to use once Microsoft's Tuesday patch is applied.

Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#19 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 08 September 2011 - 12:06 PM

I don't know about that. You can disable it in the Keychain for Mac OS X:How to: Disable DigiNotar SSL certificateIf it causes problems, I can enable it I guess or delete it outright as long as stuff doesn't break with it disabled.Course Wired and Arstechica say that will not be enough...sigh...Safari users still susceptible to attacks using fake DigiNotar certs (Arstechnica):

Quote

There is still a relatively simple fix to the problem until Apple issues a patch to Mac OS X, however. Using Keychain Access, users can simply delete any DigiNotar certs from the Keychain instead of marking them "untrusted." Since the authority has already revoked all the fraudulent certs, they will no longer validate when Safari or other Mac OS X programs encounter them again.UPDATE: Sleevi contacted Ars to let us know that deleting the DigiNotar root certificate is actually not enough to be completely protected from the hacked certs. "In order to fully work around the issue that exists in OS X, it's necessary to both remove the root cert and make a series of modifications via command-line to the system trust store," Sleevi said. He recommends following the instructions posted at $ps|Enable to fully protect your system.
Protecting Your Mac From the DigiNotar.nl Certificate Compromise $ps|Enable:

Quote

Steps to revoke the trust from the Mac OS X keychain.These instructions in PDF form for printing or download here. Download a package that will delete the DigiNotar Root CA certificates and will revoke the trust on the two root certificates and the four DigiNotar intermediate certificates. The package is now at version 2.1. Please use this version instead of versions 1.0 and 2.0. Update (7-Sep-2011 12:12 PM EDT): News reports state that the GlobalSign CA may also have been compromised. I will be tracking this as well and updating tools and notes as I find out information. Update (7-Sep-2011 1:26 AM EDT): Installer package updated to delete the two bad root certificates and mark the two root certificates and four intermediate certificates as untrusted. Step-by-step instructions on HTML page and PDF updated. Text, info, and links updated with info on number of compromised certs. Update (6-Sep-2011 11:10 PM EDT): It's been a long day for me doing business-type work that pays the bills, but it turns out that you actually need to mark the DigiNotar root certificates as untrusted as well as deleting them from the SystemRootCertificates.keychain. I will be updating the instructions and package later tonight. Fortunately, the package is built so that adding the two root certificates to the list of certs to be marked as untrusted is very easy. My thanks to Ryan Sleevi for assistance and insights.
bold emphasis mineSo basically I have disabled it and now deleting it.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#20 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 08 September 2011 - 01:01 PM

Oh, and here's the confirmation on the Second firms stops issuing digital certificates (CNET):

Quote

A second company that provides digital certificates used to authenticate Web sites won't be issuing them while it investigates whether it has been compromised as a hacker has claimed.A hacker who goes by the alias "Ich Sun" has taken responsibility for a recent breach at Dutch certificate authority DigiNotar that resulted in more than 500 SSL (Secure Sockets Layer) certificates being fraudulently issued, including one that was used to spoof Google.com.The self-proclaimed Iranian patriot, who was behind a hack on certificate authority Comodo this spring, says he has hacked four or more certificate authorities, including GlobalSign.
Much more in the article...
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#21 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 08 September 2011 - 01:04 PM

This just gets worse and worse, eh?   :medic: :'( ;)
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#22 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,355 posts

Posted 09 September 2011 - 01:31 PM

If anyone uses Adobe Reader or Adobe Acrobat, instructions are available at Update on DigiNotar and the Adobe Approved Trust List (AATL) « Adobe Product Security Incident Response Team (PSIRT) Blog for removing DigiNotar Certificates.The Adobe Reader/Acrobat security update is scheduled for Tuesday, September 13, 2011.
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#23 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 4,355 posts

Posted 09 September 2011 - 02:50 PM

Apple strikes stolen SSL certificates from OS X - Computerworld

Quote

Apple today released an update to Mac OS X that blocks Safari users from reaching sites secured with certificates stolen from a Dutch company last summer.The update follows others by Microsoft, Google, Mozilla and Opera Software, which have already blocked or permanently barred the use of all certificates issued by DigiNotar, a certificate authority, or CA, that acknowledged its servers were breached and unauthorized SSL (secure socket layer) certificates obtained by one or more attackers.Apple's update came just days after a security researcher criticized the company for "dragging its feet." In March, Apple took a month to block nine certificates stolen from U.S.-based Comodo, three weeks longer than Microsoft.
Since this topic evolved into information about multiple products, the title has been updated.
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#24 OFFLINE   striker

striker

    handyman

  • Honorary Moderators
  • 8,509 posts

Posted 09 September 2011 - 04:55 PM

This Diginotar 'company' can shake it, they're out.
Striker
still the same...

#25 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 22,548 posts

Posted 09 September 2011 - 09:24 PM

Great idea Corrine on changing the topic so folks will know what items they have to manually update and which ones have already updated.:thumbsup:
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users