Oh how embarrassing

Imagine that! ... from Google Diagnostic ... I wonder what malicious software was being distributed on the 15th?

So let's click on over to trustlogo.com from the Google Diagnostic report ...

 The really embarrassing part is that the site mentioned sagunnyu.com appears to use a Comodo certificate ... ouch!

== Server Certificate ==========
[Subject]
  CN=sslsecurity.kr, OU=Comodo InstantSSL, OU=Hosted by Jungbonet inc., OU=SSLSECURITY_TEAM, O=JUNGBONET, STREET=Nonhyeon-dong, L=Nonhyun-Dong, S=SEOUL, PostalCode=135-010, C=KR

[Issuer]
  CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

[Serial Number]
  2677FD02915826F36B72BDC69DBA9BC9

 Maybe a certain CEO should spend a little more time making sure things like the above don't happen rather than spewing out one-sided spin in an effort to deflect the real problem = failure to address an ongoing (since 2007) problem:

Criminals using Comodo to attempt legitimacy

Published Fri, Jul 31 2009 22:55 by winhelp2002

Comments

# re: Oh how embarrassing

Saturday, August 01, 2009 1:45 PM by Alan Winston

So is there some way that I can exercise precautions with Comodo certificates in Firefox?

I looked at the Certificate Manager options and am not clear what penalties there might be for editing or deleting the Comodo entries.

What I'd really like is some warning when a site has a Comodo certificate so that I can either retreat and skip the site or proceed with extra caution.

# re: Oh how embarrassing

Sunday, August 02, 2009 10:09 AM by Melih

This is a False Positive by Google.

And what is embarrasing is a so called security professional doing a blog about a false positive!

Melih

# re: Oh how embarrassing

Sunday, August 02, 2009 12:57 PM by Mattchu

This is getting a bit silly now is it not?

Are you sure that is a malicious website, doesn`t seem that way to me.

# re: Oh how embarrassing

Monday, August 03, 2009 12:18 AM by winhelp2002

Doesn't look like a false positive to me ... it clearly reads: "malicious software being downloaded and installed without user consent"

If you have an issue with the analysis from the diagnostic report ... take it up with Google, I'm just reporting their findings ... the same as I did here:

How is Google going to explain this?

msmvps.com/.../1652042.aspx

Google exposes ClickBank as malicious

msmvps.com/.../1652455.aspx