GoSign is a desktop client used across Italian public administrations and enterprises for qualified electronic signatures, produced by Tinexta InfoCert, one of Europe’s major eIDAS-regulated trust service providers. Researchers found that versions ≤ 2.4.0 disable TLS certificate verification when a proxy is configured and use an unsigned update manifest. Combined, these flaws allow man-in-the-middle attacks and delivery of malicious updates leading to remote code execution.
Comments
gritzko•2mo ago
Paris
Cloudflare
Error
chasing0entropy•2mo ago
AI scrapes internet from millions of IPs worldwide proving an orchestrated, intelligent, botnet effectually becoming a large percentage of total internet traffic overnight.
Internet responds by retreating to behind a single cloud provider who can mysteriously keep ai at bay... Same provider network is probably responsible for the near instantaneous distribution of AI traffic to begin with.
Internet's last bastion of hope is attacked, rather quickly, and half of the internet is scrambling to remember how to administer DNS (The other half never knew).
agos•2mo ago
Cloudflare was already a thing before AI scrapers
immibis•2mo ago
And they were strongly suspected to DDoS their prospective customers, so they would suddenly have a need to buy DDoS protection.
steelbrain•2mo ago
First I’m hearing of it, got a source?
giancarlostoro•2mo ago
That is a wild claim, got some evidence?
gruez•2mo ago
How does this work given there are many competing DDoS protection providers like Akamai, Azure, or AWS?
amalcon•2mo ago
The claim I think you're referring to is in two parts:
1) They were willing to sell DDoS protection to DDoS services
2) This decision was made specifically because the existence of DDoS services increased the value of their product
This was always a weird claim, because the first part is 100% true -- while the second part was always unfounded speculation. The conclusion is thus most likely false. They just didn't want to incorporate that sort of thing into their ToS or vet their customers in that way, for various understandable reasons.
nullbyte808•2mo ago
what is this "AI" your referring to?
nullbyte808•2mo ago
Bonjour!
VladVladikoff•2mo ago
Cloudflare yet again making the internet a shittier place. I will never understand why so many people willingly allow their website to be MiTM’d by this garbage company.
delichon•2mo ago
Then I suppose you know a better alternative when your site is being effectively DDOSed by a ridiculously high volume of scrapers. Please share.
But Cloudflare has the best marketing of all of them ¯\_(ツ)_/¯
ramon156•2mo ago
iirc isn't steam also on fastly? I vaguely remember their stack to either include fastly or they're using fastify. Names...
hofrogs•2mo ago
I think Steam uses akamai, at least for user-generated content
codingminds•2mo ago
Seems to be correct
store.steampowered.com. 30 IN A 184.31.101.220
NetRange: 184.24.0.0 - 184.31.255.255
CIDR: 184.24.0.0/13
NetName: AKAMAI
chasing0entropy•2mo ago
There are so many CDNs, they have existed since the internet was just for porn. The problem is they are not as easy to use for today's novice webdev with zero knowledge of how to administer or even research infrastructure beyond the stack specs.
whizzter•2mo ago
I don't think the issue is a skill one but rather giving a sane option.
Going to Akamai's site I don't see a single mention of pricing, I don't want to be smooched by some enterprise salesman to get my pricing options.
Going to Fastly's site I see egress costs that makes me think I could probably be better of just staying on AWS,Azure or smth and have a single bill to care about. (That have their own expensive options).
There's probably other small players with sane options pricing wise, but when it comes to managing DDoS issues people want someone big to handle the bulk.
deaux•2mo ago
LA here.
N19PEDL2•2mo ago
How is this related with the Cloudflare outage? The bug was present in GoSign Desktop <= 2.4.0, so it seems that it was introduced long time ago.
CodesInChaos•2mo ago
I'm a bit confused by the privilege escalation part. Doesn't modifying the settings require the same privileges the application has?
SkiFire13•2mo ago
I suppose the application runs as root (to update the application files) but reads the user settings (which are writable without root priviledges)
gritzko•2mo ago
chasing0entropy•2mo ago
Internet responds by retreating to behind a single cloud provider who can mysteriously keep ai at bay... Same provider network is probably responsible for the near instantaneous distribution of AI traffic to begin with.
Internet's last bastion of hope is attacked, rather quickly, and half of the internet is scrambling to remember how to administer DNS (The other half never knew).
agos•2mo ago
immibis•2mo ago
steelbrain•2mo ago
giancarlostoro•2mo ago
gruez•2mo ago
amalcon•2mo ago
1) They were willing to sell DDoS protection to DDoS services
2) This decision was made specifically because the existence of DDoS services increased the value of their product
This was always a weird claim, because the first part is 100% true -- while the second part was always unfounded speculation. The conclusion is thus most likely false. They just didn't want to incorporate that sort of thing into their ToS or vet their customers in that way, for various understandable reasons.
nullbyte808•2mo ago
nullbyte808•2mo ago
VladVladikoff•2mo ago
delichon•2mo ago
codingminds•2mo ago
But Cloudflare has the best marketing of all of them ¯\_(ツ)_/¯
ramon156•2mo ago
hofrogs•2mo ago
codingminds•2mo ago
chasing0entropy•2mo ago
whizzter•2mo ago
Going to Akamai's site I don't see a single mention of pricing, I don't want to be smooched by some enterprise salesman to get my pricing options.
Going to Fastly's site I see egress costs that makes me think I could probably be better of just staying on AWS,Azure or smth and have a single bill to care about. (That have their own expensive options).
There's probably other small players with sane options pricing wise, but when it comes to managing DDoS issues people want someone big to handle the bulk.
deaux•2mo ago
N19PEDL2•2mo ago