undefined | Better HN

0 pointsstatictype2y ago0 comments

For all this to work you need to control the domain. Is that easier than simply breaking into their systems and owning their servers?

0 comments

Cpoll2y ago

That's exactly what they're saying.

> it could have been bad if it was an external ip with a machine setup by a phisherman

I.e. one of the IPs for microsoft.com belongs to $phisher, which means they control (a subset of the traffic going to) the domain. They can't add CNAME records for certificate validation, but LetsEncrypt for example offers HTTP-based validation.

Not sure how Microsoft sets up their certificate pinning, it might not be quite that easy.

notakio2y ago

For the Microsoft.com domain, proper, there seem to be no existing CAA rules, allowing each and every CA on earth to issue certificates based on whatever criteria the CA requires. What could possibly go wrong with that approach?

rasengan2y ago

It might also be a highly targeted attack on someone with precious information wherein someone was able to hack a simple router and in order to get access to their actual microsoft.com account, they simply setup a phisherman's clone on the router and captured the login/password/2fa and got into the account.

water92y ago

Sometimes it’s easier to bribe then to break

j / k navigate · click thread line to collapse