[Cryptography] Sony "root" certificates exposed

Tom Mitchell mitch at niftyegg.com
Thu Dec 18 21:06:37 EST 2014

On Tue, Dec 16, 2014 at 6:10 AM, Phill <hallam at gmail.com> wrote:
> On Dec 15, 2014, at 10:09 PM, Tom Mitchell <mitch at niftyegg.com> wrote:
> On Mon, Dec 15, 2014 at 7:02 AM, Henry Baker <hbaker1 at pipeline.com> wrote:
>> FYI --
>> ......
>> GoP had details on every server and PC, as well as SPE’s “root”
>> certificate.
> Is there any evidence that new certificates have been generated and issued.
> It seems that this is a prudent step.
> We don’t know if there was a breach yet.
> The certificates aren’t published but they are not secret. They are used
> on the public network and were visible before the attack.

We do not know,  OK that makes sense.
Next does Sony know with 100% certainty?

And of the visible security bits do we have common tools to notice
a change intended or unintended.

This Sony infiltration seems extensive and exhaustive.
Locking it all down again seems difficult in the extreme.

Once locked down again changes and partitioning seem very necessary.

I recall the grumpy noises when friends at a famous large company
had to visit the home office to get the new keys when that company
locked down all their networks a lot tighter globally.

One problem with relocking Sony's networks and data is we do not know what
were exploited.    A side effect may be that we may begin to see richer
patch tuesday and patch
submissions on many operating systems, routers and more.  Understanding the
"more list" is interesting -- does it include Sony factories and supply
chain links?

Again we may never know but are there flaws that a Never Say nutting TLA
might know that need to be disclosed to vendors? .. and how will secret
flaws be disclosed so the patch source is kept secure.

Sony is a vast company...  interesting times.

  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141218/d8c7e826/attachment.html>

More information about the cryptography mailing list