The Chrome, Firefox and Safari browsers rely on TLS certificates from TrustCore, a company that has suspected ties to the spyware vendor.
If you are on the Internet with a browser, you usually automatically use encrypted communication, the purpose of which is to protect the transmitted data. Among other things, TLS certificates are important for this encryption, which must be trusted by the browser concerned. Popular browsers Google Chrome, Apple Safari and Mozilla Firefox also apparently rely on certificates from a company linked to the US Secret Service and a spyware maker, reports The Washington Post.
Specifically, the report is about Trustcore, which provides TLS certificates for websites. There are said to be over 10,000 certificates issued to various websites, which is not unusual in principle. Trustcore’s connections do raise questions, however. According to the Washington Post, the company is said to be registered in Panama, and the registration entry claims to have the same authority as spyware maker Measurement Systems. This in turn belongs to the company Packet Forensics, which sells wiretapping services to US government agencies.
An example of such a link is Raymond Solino named as a partner by Trustcore. A person of the same name appeared as a spokesperson for Packet Forensics in 2010, and Measurement Systems was filed by Soulino of Virginia. This company has garnered particular attention in the past with a spyware SDK that was integrated into several apps in the Google Play store.
The same spyware was reportedly also integrated into the trial version of the TrustCore e-mail service. In addition, there are doubts about the service’s advertised encryption: there is an allegation that TrustCore can decipher e-mail traffic and read messages.
The said TLS certificates would also provide the same potential for abuse. There is no evidence of abuse of TLS certificates offered by Trustcore, but according to the Washington Post, short-term use is quite conceivable, especially against critical targets. An anonymous contact with connections to Packet Forensics is also said to have confirmed that the certificates were exploited accordingly.
In response to reports, the smartphone operating system Graphenos has already withdrawn the recognition of the certificates, and Mozilla has also become aware of the matter. The company is requesting a statement from Trustcore within two weeks. So far, only one has happened from Packet Forensics: The company claims it has no business relationship with Trustcore. However, it was not mentioned whether there were any links between the two companies in the past.
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.