Jul 9, 2019

Mozilla thwarts alleged spy's bid to guard web security

Mozilla, the creator of the Firefox web browser, has denied a request from a United Arab Emirates firm — accused of assisting that nation's global cyber espionage operations — to issue security certificates to websites without the supervision of a more trusted group.

Why it matters: Web certificates are a key part of encrypting traffic to and from websites. A malicious group issuing those certificates could snoop on data to the sites it serves.

Context: Jenna McLaughlin of The Intercept along with Christopher Bing and Joel Schectman of Reuters wrote explosive reports about Dark Matter, the UAE outfit tied to cyber espionage.

  • As those reports were published, Mozilla was considering a request from Dark Matter to be included in Mozilla's list of root certificate authorities — which would give Dark Matter the ability to issue certificates.

Details: Since the Reuters report in January, Mozilla has been accepting developer comments on whether it should stop trusting certificates issued to Dark Matter by root certificate authorities, known as intermediate certificates.

  • Ultimately Mozilla "made the decision to revoke trust in Dark Matter’s intermediate certificates and to deny the pending inclusion request," Mozilla said in a statement.
  • "We are confident this is the right decision, but it was not made lightly," the statement continued.