EFF in the News
In a report issued this week, online watchdog group the Electronic Frontier Foundation said that certificate authorities are issuing SSL certificates for unqualified domains in large numbers, a practice that the report’s author Chris Palmer says could impact the integrity of the whole SSL system, and puts Internet users at increased risk of attack.
The EFF has issued a report that's gaining some attention in the media. It exposes the bad habit of issuing SSL certificates to unqualified domains. In the process of revealing this issue, some focus has also been given to the discovery of incorrectly assigned EV SSL certificates.
Internet certificate authorities are creating security risks for everyone by signing off on unqualified domain names - thousands of them - according to Chris Palmer, technology director of the Electronic Frontier Foundation.
Late last month, the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) filed objections to the United States Government's 'secret' attempts to obtain Twitter account information relating to WikiLeaks.
Chris Palmer wrote a blog on Tuesday outlining work the EFF had done analyzing the quantity of certificates that were signed and trusted by all of our browsers that were technically invalid and could be used for fraud.
One of the mistakes that has a lot of potential of being misused by malicious individuals has been pointed out by EFF's Technology Director Chris Palmer in a recent blog post.
The Electronic Frontier Foundation, an online civil liberties group, has explored the Internet in an attempt to map this nebulous system. As of December, 676 organizations were signing certificates, it found. Other security experts suspect that the scan missed many and that the number is much higher.
But the Electronic Frontier Foundation’s brief describes a range of examples in which fear of unpredictable and potentially large damages has hampered “reasonable and prudent experimentation with copyrighted material, especially in the digital environment.”
In an email, Corynne McSherry, the intellectual property director at the EFF, wrote that the filing is “the crucial first step” necessary to (as one Facebook page puts it) “Take Back Urban Home-Steading(s).” Why the awkward spelling? Because, Facebook users can’t say “urban homesteading” either.
For more we go to Mark Rumold, Legal Fellow with the Electronic Frontier Foundation, who’ve investigated the use of these expiring provisions and say they’ve uncovered possible abuses of the law.