General discussion and chat (archived)
Was doing some reading this evening when I ran across this article.
https://www.blacklistednews.com/article ... where.html
Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else
In it, they talk about a shady company getting trusted CA's with the likes of F.F. and the
cost of that decision.
My question is, does PM get their CA's from Mozilla? Or do we get them from somewhere else.
Forgive me if I am not using the right terminology here.
- Posts: 151
- Joined: 2018-05-26, 18:13
Not answer to your question, but....
Mozilla and other root certificate database maintainers (Microsoft, Google, and Apple)
Years ago after Firefox update, I would go in and delete all but a few more trusted CAs.
Now I don't even bother using them most of the time.
- Board Warrior
- Posts: 1569
- Joined: 2015-07-23, 16:09
- Location: Norway
How to distrust DarkMatter certificates in Pale Moon
1) Navigate to 'Tools' (or 'Pale Moon' button) > 'Preferences' > 'Advanced' > 'Certificates', and click on the "View Certificates" button.
2) Scroll down, and highlight all "QuoVadis Root" certificates.
3) Click on the "Delete or Distrust" button, and confirm distrust by clicking "OK".
Article @ gHacks
https://www.ghacks.net/2019/02/24/how-t ... tificates/
A Reuter's article links DarkMatter to the United Arab Emirates government and surveillance operations.
One such operation, called Karma, saw the team hack iPhones of "hundreds of activists, political leaders, and suspected terrorists" according to Reuters.
Issue report @ GitHub
Last edited by Tomaso
on 2019-02-24, 12:50, edited 4 times in total.
- Posts: 157
- Joined: 2017-09-27, 06:50
DarkMatter controls an intermediary certificate already called QuoVadis. QuoVadis is owned by DigiCert which means that there is some oversight in place currently.
Avatar's Source: yereverluvinuncleber
SierraChart_100 wrote:Firefox started off good and gradually descended into absurdity.
Moonraker wrote:Palemoon is still the only fully customised browser available.
basicuser wrote:Pale Moon an oasis of sanity in a sea of stupid.
- Pale Moon guru
- Posts: 29325
- Joined: 2011-08-28, 17:27
- Location: Tranås, SE
To answer the question, root certificates in the trust store are part of NSS (i.e. we normally do not manage this ourselves but delegate this to the NSS team).
"Son, in life you do not fight battles because you expect to win, you fight them merely because they need to be fought." -- Snagglepuss
- Board Warrior
- Posts: 1695
- Joined: 2015-09-30, 23:02
- Location: uk.
Just a cautionary note.disabling ir deleting these certs will cause issues with some known sites like twitter and protonmail seems to be affected also.
Xenial puppy linux 32-bit.
Pale moon 29.0.0.