Tag Archives: Symantec

Symantec Breaks Trust with the Internet?

Crypto machine rotor

Symantec is one of the companies that holds the keys to the Internet: they are a trusted certificate authority for authenticating major web sites. All major browsers recognize Symantec as a trustworthy source of SSL/TLS authentication certificates. Symantec (also known by its subsidiary name Verisign) is part of a chain of trust that keeps our Internet traffic safe.

Recent reports suggest that they have broken their trust with the Internet community. Symantec has apparently delegated some of its authentication authority to Blue Coat software, a company that makes and sells network snooping gear. A 2013 report by Reporters Without Borders contains 2 pages highlighting Blue Coat’s role in helping repressive regimes monitor encrypted web traffic.

Symantec has issued Blue Coat its own authority certificate. Blue Coat can use this to create and distribute bogus certificates that allow its gear to decrypt encrypted web traffic.

Continue reading Symantec Breaks Trust with the Internet?