Another month has flown by, and we’re here to recap what happened in terms of online and digital security! This time, we’re looking back at what happened in July in the hopes that it will lead to a safer and more-informed summer for us all. Read on to see what stories we thought were most important over the past four weeks.
Code Signing as a Service with eSigner
Need an overview of what SSL.com offers in terms of code signing, including our new eSigner cloud signing service? Check out the new article by Giannis Naziridis, eSigner: Code Signing as a Service, which does just that. In particular, the article highlights the advantages of eSigner for developers who would like to be able to sign code from any internet-connected computer without requiring USB tokens, HSMs, or specialized knowledge of PKI. eSigner also lets developers conveniently share code signing certificates with team members.
Firefox Rolling out DoH-by-Default in Canada
Early in July, the Mozilla blog announced that Firefox will soon be extending default DNS-over-HTTPS to Canadian users. The browser will partner with the Canadian Internet Registration Authority to ultimately reach a goal of DoH as a default for all Canadian Firefox users.
As we’ve written before, the move to DoH as a default is gaining steam. Firefox adopted it for US users in February 2020, and in June 2020 Comcast joined the Mozilla initiative to embrace the standard. From the blog:
Since 2018, Mozilla, CIRA, and other industry stakeholders have been working to develop, standardize, and deploy a technology called DNS over HTTPS (or DoH). DoH helps to protect browsing activity from interception, manipulation, and collection in the middle of the network by encrypting the DNS data.
As the blog also notes, encrypting data with DoH is only a first step. Yes, DoH encrypts DNS information and prevents spying on what websites people are visiting, but Mozilla encourages companies that handle DNS data to follow rules like the ones laid out in its Trusted Recursive Resolver program.
Chrome 92 Improves Its Phishing Detection
The Chromium Blog brings word that phishing detection by Chrome is now faster and more efficient than ever. That does sound like a typical industry blog, granted, but the reason why the browser’s phishing detection has improved is pretty interesting. Chrome 92 is now quickly analyzing site color schemes to match known phishing sites, speeding detection by a factor of 50.
The blog also notes that, in addition to faster speeds, the process used to detect phish-y sites has gotten more efficient. Due to privacy concerns, the calculations are done on users’ machines. Chrome’s improvements are good news for laptop batteries, with an estimated reduction of 1.2% of of the total CPU time used by the browser’s rendering and utility processes.
Microsoft: New SolarWinds Attacker Targets Consumer Routers
A new attack on the embattled SolarWinds has recently been attributed to a Chinese group by Microsoft, which posted details of the attack. Simon Sharwood of The Register does an admirable job of breaking down the situation. In their report, Microsoft notes that the group responsible for the attack, which allowed attackers to run code, install programs and change data on targets “has been observed using commercial VPN solutions and compromised consumer routers in their attacker infrastructure.” The Register article goes on:
The mention of consumer routers is notable, as vendors of such devices are often unhelpfully relaxed about security and seldom make their machines easy to upgrade or advise when an update is necessary. ISPs, which often provide such devices to users, also seldom offer update advice.
While there are a lot of details to the attack, we agree that this is notable. Routers and the Internet of Things in general have increasingly become an entry point for bad guys into everything from home systems to giant companies.