The news that has recently been published on the Internet and a lot of income up to this point it's a hoax news; released a large number of SSL certificate valid by a hacker Group sites, which can be thousands to risk their security,

According to the dimensions of the subject specialists on the premise certainly have more peers in this regard will be specialized guides; however, I also hope to write a story solely because this information can be useful, though limited, please, if this post or part of it you find useful; it is time for your friends to publish

Internet piracy news

As the Dutch Government maintains a group هکری(The overwhelming certainty the likelihood the Government of Iran) With the influence of the Dutch company a; lot Certificate SSL issued and the unknown for some time certain method for the information of the people of Iran were more about the use of this method further explain

The Dutch referred to the influence of the company located in one of the dozens of copycats that certification in the field of the SSL. To the institutions that are allowed to export the SSL certificate is «سرتفیکیت آثورتی» Or a "c" briefly say. The certificate is issued by these institutions whose only feature is provided by browsers such as Firefox, Safari, Opera, chrome, and Internet اکسپلوور… Are permitted. Otherwise, if through a SSL address enter a page that belongs to a certificate on another domain or a certificate of the predecessor سایند» installed or no SSL certificate is not on a domain, your browser displays an error page which means we are able to communicate through this security does we endorse

Two instances of the error page on chrome and Firefox

What is SSL and how it is applied

"T" or with the name of El SS his older SSL protocol or part of a network that allows you with a computer server, a secure connection to established

Whenever you open a Web window and enter you sign in to a website, such as data values; HTML code, images, and audio files via the تکست Server computer or the site server to your computer and data values can be transmitted from your computer to the server looks. In the absence of this information are less important, for example, when you read the content of a news site or a general disclosure comments inserted; they can't be much wrong with that, but let's assume you want via the Internet with your credit card purchase, or check your bank account in such circumstances the disclosure of credit card information or bank account or personal information to anyone other than you or the good that the information It can create dangers; and this is exactly the cause is that whereby almost two decades ago, "SSL" secure communication was designed for more

In situations where you go through port 80 or with the same HTML FTP "address" enter a login if the attacker is successful; a between your computer and the site server computer or even the Internet service provider company you can easily gain access to the information exchanged but if you communicate through a سکیور address, first the relationship between your computer and the server computer is رمزگزاری and the password is almost undetectable The influence and then any information that in the meantime the only through Exchange Server site or your computer will be identified to assume that your Internet provider or even a State wishes to check you connections; this information until the destination Web site server to your computer or do not have access, it is not recoverable

How to use SSL to log into a website

To communicate securely with a Web site rather than "HTML FTP» at the beginning of the IP address it should be HTML" t Type "Showtime. The letter «r» in the beginning of the word is an abbreviation of "سکیور" does not mean it is safe and provides information that can be exchanged in this way will be encrypted. To make an Internet domain address سکیور must be able to have a company «c» (The Dutch company such as this that been attacked) A SSL certificate of the United States and it will install the site on the server

If via the Internet with a credit card can buy; it would have the credit card information you enter on the pages سکیور; of course, the best way to use Internet purchases from "PayPal" which belongs to the company «eBay» and automatically pass information with security

https://www.paypal.com/

Using PayPal is completely free, and in addition it purchases the insurance for your limited, but if there was no possibility of buying with PayPal be sure your sensitive information shall be solely in the pages of type سکیور

In addition to money transfers, transfers the information to the same size and even more important. For example, when you want to have a Web site that requires a pass code; it is better to log their AFC media account username and half the page, enter سکیور. A lot of وبسایتها to sfhatshan automatically open سکیور (Same like PayPal that I gave her the link address) In some وبسایتها also have access to both the سکیور and the page is possible and normal to the applied settings is relate by popping. The beating is merely having a secure means to transfer سکیور certification information and if that does good to through normal سکیور has signed; as long as you didn't use that website address safe with other sites will not be the difference. In some cases, a Web site that is accessible from both ways; it's possible that puts you in charge of the سکیور option or make an El on arrival to the site, permanently on your browser

How we purchase the SSL certificate

The companies are holders of a valid SSL certificates sell وبسایتها. These companies will gain information of the buyer to know the license will be issued valid for a Web site

Some of the certificates issued and some other matbertrand solely to companies shall be issued to the certificate "He» They say the only difference is that in this type of certification at the time to confirm the validity of the registration of a company and when entering these sites, your browser address box also comes in green. Some also have no credit certificate and any holder of a that have access to the server settings can be exported for a certificate to the certificate "سایند" the term futures say gave the certificate in this case is not detected by Web browsers and on arrival (I like the picture at the top two )An error message is displayed, but all types of certificates have the same functions with each other in terms of their

If you have a website and solely for yourself at the time of connection to the server you want to use this address to your browser you can give command to attach the license exception page and seeing the error message, and then press the OK button to enter that website again; log whenever an error message was displayed nkhad. However, this type of certification is not suitable for a public website. Technically all SSL certificates work such as نظرکارکرد and the differences between them, so only the task of authentication certificate, issuer companies buyer

In the past the only reputable companies could have on their website to have the SSL certificate but with the passage of time like any other technology, the use of SSL is that somehow finds more prevalent now any holder of the Web site, if you need to purchase a certificate can. If you have a website and you can use a shared هوستینگ of your host provider to request an SSL certificate for you to purchase and install. In addition it is a must for any domain or sub دامینی licence can be installed on a separate IP call. If you run your own server choice still further and can instead of the هوستینگ company, the issuer of the certificate directly from the one you want to issue a SSL certificate

The adventure of the recent abuse

Any user who wants to connect to the Internet from inside Iran is forced to use the public Internet service. This means that the Islamic system all the information has been moved from the usual accesses pages but benefiting from services like Gmail «» practically makes it possible to provide the users with little information had been displaced, and the Islamic Republic of having all this information fails to check the communication channels of control and hence the Islamic system in facing this situation before their three-way is seen

The way the first world countries, like all free for personal freedoms have been considering respect atbaashan; and an end to spying on the private lives of people give up. That, of course, this is with the nature of the Islamic regime, inconsistent

The second way to cut off access to Google services like that in the current conditions of the rational and the negative effects of advertising with respect to the right of it and have not done regardless *

The third way, which is the same as the way to fraud and deceit and deception and is highly sacred harmony with the essence of the system is. For this purpose, with the influence of a company exporting SSL certificate fake certificate number initially; counterfeiting solely with the users browsers when dealing with these certificates not valid error message and know them, then using a technique called My MIT "» Or a man in the midst of, instead of being encrypted data to decrypt; that's practically impossible; user-related information were themselves replaced with real information. That is, in fact, the user has to forge SSL server can be connected to the Islamic Republic and replace it with a destination website is encrypted and server because the certificate is a forgery of the Dutch company had issued that authorized companies on the list was the browser browsers not server time error message like a gentlemen; the typical user simultaneously with the actual server that the user's destination was the Iranian رمزگزاری ERGO Iranian user The State information for the server on the destination computer, and the server could also send the data to the State and transmitted to the computer just came down some data transfer speed. Of course this method for all the sites that use the SSL protocol to use is not possible and only a few were selecting website

لیست وبسایتهایی که برای آنها گواهینامه صادر شده و تعداد گواهینامه های جعل شده را From here می توانید ببینید

CN=*.*.com 1

CN=*.*.org 1

CN=*.10million.org 2

CN=*. JanamFadayeRahbar.com 1

CN=*. RamzShekaneBozorg.com 1

CN=*. SahebeDonyayeDigital.com 1

CN=*.android.com 1

CN=*.aol.com 1

CN=*.azadegi.com 1

CN=*.balatarin.com 3

CN=*.comodo.com 3

CN=*.digicert.com 2

CN=*.globalsign.com 7

CN=*.google.com 26

CN=*.logmein.com 1

CN=*.microsoft.com 3

CN=*.mossad.gov.il 2

CN=*.mozilla.org 1

CN=*.skype.com 22

CN=*.startssl.com 1

CN=*.thawte.com 6

CN=*.torproject.org 14

CN=*.walla.co.il 2

CN=*.windowsupdate.com 3

CN=*.wordpress.com 14

CN=Comodo Root CA 20

CN=CyberTrust Root CA 20

CN=DigiCert Root CA 21

CN=Equifax Root CA 40

CN=GlobalSign Root CA 20

CN=Thawte Root CA 45

CN=VeriSign Root CA 21

CN=addons.mozilla.org 17

CN=azadegi.com 16

CN=friends.walla.co.il 8

CN=login.live.com 17

CN=login.yahoo.com 19

CN=my.screenname.aol.com 1

CN=secure.logmein.com 17

CN=twitter.com 19

CN=wordpress.com 12

CN=www.10million.org 8

CN=www.Equifax.com 1

CN=www.balatarin.com 16

CN=www.cia.gov 25

CN=www.cybertrust.com 1

CN=www.facebook.com 14

CN=www.globalsign.com 1

CN=www.google.com 12

CN=www.hamdami.com 1

CN=www.mossad.gov.il 5

CN=www.sis.gov.uk 10

CN=www.update.microsoft.com 4

چک سفید امضا

The first two certificates were issued for themselves in fact check is the signature white

CN=*.*.com 1

CN=*.*.org 1

In fact, for each domain "com" or "ارگی" with these two could create access certificate. Of course, the risk of the use of these two certification is high and as soon as the review, ایرادش turns out to be. Probably these two certificates were issued to ensure only because otherwise no longer need to issue many certificates not

Salavati servers

This is among the few forging certificates to download software in order to possibly manipulated by users or old users of counterfeit software update is

CN=*.android.com 1

CN=*.microsoft.com 3

CN=www.update.microsoft.com 4

CN=*.mozilla.org 1

CN=addons.mozilla.org 17

If the inside of the features you use, for example, Microsoft Windows Vista, 7, or Internet Explorer browser and automatically update them if you didn't disable; as well as the operating systems and browsers Firefox and Google chrome دروئید used to; should know probably within the last few months, instead of the firms, Iran's State-run servers don't bother updating the software you have and of course the بروزرسانیها exactly what will be included; Strictly related to the SSL certificate has been setup or install spy programs; unfortunately still unclear but there is so much that even the Scouting section plugins and plugins also went

Click on the province line

This certificate belongs to the blogging service, social networking or email service that includes all the information possibly users store private unoshte password *

CN=www.facebook.com 14

CN=www.google.com 12

CN=wordpress.com 12

CN=*.aol.com 1

CN=*.azadegi.com 1

CN=*.balatarin.com 3

CN=*.logmein.com 1

CN=login.live.com 17

CN=login.yahoo.com 19

CN=my.screenname.aol.com 1

CN=secure.logmein.com 17

CN=www.cybertrust.com 1

CN=www.Equifax.com 1

CN=*.skype.com 22

Gmail, Yahoo, and he led the companies are providing email services, so this is better than this so no significant care information via this not be pasted into the services

Back to Facebook, Twitter, and the freedom trail, the feed link and social network sites are. Certification of the WordPress site is a hoax and probably the users information is stolen, and of course the subject of the communication content management system WordPress or WordPress sites that the program does not use the. A few Internet chat service, certificate of the proxy for online save file وسرویس counterfeiting

SSL solvent

The number of certificates issued for companies of the SSL certificate, which probably were going at least part of the new SSL issued their own or have access to the information they

CN=Comodo Root CA 20

CN=CyberTrust Root CA 20

CN=DigiCert Root CA 21

CN=Equifax Root CA 40

CN=GlobalSign Root CA 20

CN=Thawte Root CA 45

CN=VeriSign Root CA 21

In the present situation they shouldn't worry about what?

If you only have a regular user of any of the above sites and each of the units frequently too bad bounce with auqattan entirely to the Holy system of the test there is no cause for concern;. Because the Iranian nation so اینروزها almost all your work and to assume that the information users have no way to save the category and there are several million user mining information. Scare the ordinary people the main objective of this break is embarrassing

Who should be concerned about?

1. If you are an active cultural or political thought, you may be under the control of the person you communications; unfortunately come with the status quo, there is good reason for concern
2. If it is for the Ministry of Foreign Affairs of Israel, or for وبسایتهایی such as Ten million net of the CitadelSent information; it is better to look for a new address to be yourself. Of the ten million dollar check to send اسراییلیها to the previous address do not concern yourself either way because as much as the State of Israel is likely to give you $10 million that the Islamic Republic is the same as the money in a profitable trade invest!
3. If you are a spy from inside Iran to each of these forms of information sent, you have an immediate need to a rat hole! In addition to the mouse holes is better than looking for a job for which, unlike this one it have talent because no wise of the people inside Iran for these sites send information

https://www.cia.gov/cgi-bin/comment_form.cgi

https://www.mossad.gov.il//persian/ContactUs.aspx

https://www.sis.gov.uk/form/

CN=*.mossad.gov.il 2

CN=www.cia.gov 25

CN=www.mossad.gov.il 5

CN=www.sis.gov.uk 10

What is solution?

Unfortunately there is no definitive solution, not now nor in the future, probably does not exist. تکنولوژیهایی such as "SSL" is not merely for this have been created that هکری attacks when paying or the front of the disclosure of personal information and probably not imagine sazandgansh * that a foreign Government with possessing all the infrastructures and Internet communications wishes to steal the information a few million shhrvandsh

Our ancestors during the constitutional revolution with the possession of a telegraph line that was cut off for weeks and at the time of the connection possibility the readout there all پیامهایشان with the use of password messages in Tehran, Rasht and Tabriz, a political movement in advance *. Before the Islamic revolution was not much changes and circumstances so revolutionaries, including MKO, through the left and sometimes extraordinary procedures for the communication of the invention, and in some cases heavy costs for the transfer of a message given by simple. Nevertheless, for if you're a political activist and you expect from the same way that your aunt for sending the message; the girl with a political or human rights organizations communicate and security you want to; the main drawback arising from imaginary handsome--and you. در هیچ دوره ای از تاریخ بشر این اندازه امکانات برای ارتباطات وجود نداشته که در دوران ما وجود دارد؛ صرف در نظر گرفتن این حقیقت که شما متصل به اینترنت هستید (Any size limits that apply.) It means that you have access to a world of knowledge and facilities

The more I try to write a few brief advice if the readers of this entry, those wanting to add items or they can secure a modification me description section to insert کامنتها

برای دریافت فایلها از سرورهای آینه استفاده کنید. همانطور که متوجه شدید گواهینامه هایی برای گوگل، فایرفاکس و مایکروسافت جعل شده است. بنابر این اگر در ایران هستید، بهتر است هیچ برنامه ای را از روی این سرورها دانلود نکنید و هیچ برنامه ای را هم از این طریق بروزرسانی نکنید. If you really need of products related to these companies can be used to pursue other alternative servers; probably hundreds and thousands of other Web sites on the Internet that there are سکیور and address both these programs were stored on your server, for example, can the latest version of the Firebird from numerous sites except the site get Firefox

For sensitive communication of the system other than the Windows عاملهایی. Unfortunately this fact is sometimes forgotten that we of the shaggy programs we use. Including the operating system which is installed on most Iranian computers; the Windows operating system, which is in almost all of the items from the original Corporation is not purchased. A monument is that these programs are within Iran's Islamic system, and Kirk is a very good possibility to manipulate and distribute them at its disposal. Because of the recent خرابکاریهای update information solely to prevent the Internet Explorer browser to fake certificates were efforts or programs have been well on the operating system you install, they still do not know . If you really need to use the Windows operating system; can use a version of it through a server non-Iranian(That is not Microsoft) Download and then install the program utilizes a crack to crack it ویندز. After installing both recommend that you disable automatic updates, and antivirus بجایش وایرس and other companies to install firewall. List of free antivirus and firewall program number وایرس Here Available

As far as the OS is concerned a more effective way of applying it and there are also non-Windows operating systems. Remember you can click on a "Zune" to various operating system install twenty-eight, and of an operating system for tasks that require higher security interest has the Windows and still time to have your daily tasks. Linux-based operating system in addition to being free have more security are. One of these good programs Operating system «Ubuntu» Which is free and does not need to crack and the prtebl version can be used without having to install it use. A number of other free operating systems Here Have been introduced that do not have any need to install from a CD or Flash memory are "applicable". Use the prtebl program also has the advantage that something in your computer, do not save history

Of methods, وبسایتها and programs that do not use all. As you know the Gmail service is probably the best free e-mail provider is General and. The big problem of this system is that the more people use it and hence to influence and forge the certificate is first of all went to the same. But dozens of Web sites and other free email provider with the same facilities and سکیور does exist, which most people do not know them. A list of these وبسایتها can Here Or here See. For example, this Web site «Fast mill dot FM» That's a common domain such as com or organ does not use either if the SSL address is accessible inside the country; it is not a bad choice or possibly other similar services that search on Google with yourself so you can find the examples. This of course does not mean that other than do not use Gmail but it is better to do things other than personal chores and other options, consider the. The same approach is also the best chrome and Firefox browsers, but the most common are flipped that گواهیهایشان counterfeit; but instead of forging certificates, list news is not Apple so the browser Apple's Safari Perhaps it is not a bad choice . It is said that that was the last Safari browser to invalidate the certificates have been falsified and chrome is the first browser was that they recognize. However, late recognition is far better than never tour! Opera browser Also had another browser that has have not. Netscape is owned by a company called him El which, unfortunately, is also on the list of sites to forge the eye eats

This is probably their دیگرکه browser does a few you wouldn't awareness. Some of these browsers are pretty good programs

http://kmeleon.sourceforge.net/

http://www.avantbrowser.com/

http://www.konqueror.org/features/browser.php

http://www.dillo.org/download.html

If a webmaster or site owner are personal to the external server update. Forging a WordPress website SSL certificate shows that the جاعلین have a lot of interest to the Iranian وبلاگنویسان information and the subject is definitely about personal sites will be true

وبسایتهایی داینمیک by the wise and dynamic pages show up; or using a personal content management system, or in most cases offers systems that other programmers can benefit developed . Many small webmasters or ordinary users due to security and high possibilities of using WordPress content management system( That communication is not وبلاگدهی WordPress site). Thirty-two of the "MS" or "content management application based on PHP Joomla, Drupal and other" are the three systems she fortunately for English language users have translated into English

Without being noticed, I want at least the tenacity to kill without any bother چشمداشتی and free to users for the cumbersome translation; unfortunately this potential through the possibility of the English sites to publish there is manipulation of the files. If you are any of these systems, the user can easily just a few KB file translated from the latest available version of this program in your WordPress or Joomla and Drupal apart and merely a few KB to your website translate file transfer. In the next stage by adding a configuration file on the command line, making your site control panel English; without need to get files from the server all Iranian. To update these systems together whenever a new version of them to be released from the main servers to use. Given that most service providers overseas websites هوستینگ and Internet connection they are not under the control of Iran; therefore, this programs through the main servers if WordPress or Joomla and Drupal are updated rather than worry there will be no