We recently discussed an issue regarding rogue SSL certificates, and the danger therein. These certificates were issued by a hacker who broke into the computers of a Dutch certificate authority, DigiNotar. This issue – and several others in recent months – have made people realize that these SSL certificates, which are designed to ensure that you are connecting to a valid web site, aren’t as solid as they once thought. For this reason, you need to understand how they work, and what you can do to protect your Mac.
Glenn Fleishman, on Macworld, has written an extensive article about security certificates and how to work with them. He discusses how these certificates work, and how you can verify certificates. He also explains what security settings you can use to make sure that you are as safe as possible, and how to remove untrustworthy certificate authorities from your Mac.
It’s a long article, and covers a lot of detail, but understanding how these certificates work can help you take the steps necessary to protect your Mac and your data.
For even more information about the DigiNotar breach, see Joshua Long’s comprehensive article on How to Revoke Trust for DigiNotar Root CA Certs—Even On Older Macs.
