
Internet security is pwned by organisations powerful enough to hack into CAs, or simply buy one and run it as a covert operation, impersonating any site they want by issuing certificates trusted by all web browsers. Internet security is broken by design of centralization.

Thus, if you have IP A you will get a fake certificate generated by a government-owned CA; if you have IP B you will get to the real site. If you are IP A you will get pwned by MITM attack malware; the site will look genuine to the browser.



Governments already directly own CAs.

The mitigation for the attack you outlined is that such attacks will be detected, and the CA will get blacklisted. That may not actually work in the real world.



