GoSign Desktop RCE flaws affecting users in Italy

ush.it

40 points by ascii 3 hours ago

GoSign is a desktop client used across Italian public administrations and enterprises for qualified electronic signatures, produced by Tinexta InfoCert, one of Europe’s major eIDAS-regulated trust service providers. Researchers found that versions ≤ 2.4.0 disable TLS certificate verification when a proxy is configured and use an unsigned update manifest. Combined, these flaws allow man-in-the-middle attacks and delivery of malicious updates leading to remote code execution.

gritzko 3 hours ago

Paris Cloudflare Error

  • chasing0entropy 3 hours ago

    AI scrapes internet from millions of IPs worldwide proving an orchestrated, intelligent, botnet effectually becoming a large percentage of total internet traffic overnight.

    Internet responds by retreating to behind a single cloud provider who can mysteriously keep ai at bay... Same provider network is probably responsible for the near instantaneous distribution of AI traffic to begin with.

    Internet's last bastion of hope is attacked, rather quickly, and half of the internet is scrambling to remember how to administer DNS (The other half never knew).

    • agos 2 hours ago

      Cloudflare was already a thing before AI scrapers

      • immibis 2 hours ago

        And they were strongly suspected to DDoS their prospective customers, so they would suddenly have a need to buy DDoS protection.

        • giancarlostoro 14 minutes ago

          That is a wild claim, got some evidence?

        • steelbrain 2 hours ago

          First I’m hearing of it, got a source?

    • nullbyte808 2 hours ago

      what is this "AI" your referring to?

  • deaux 2 hours ago

    LA here.

  • VladVladikoff 2 hours ago

    Cloudflare yet again making the internet a shittier place. I will never understand why so many people willingly allow their website to be MiTM’d by this garbage company.

    • delichon 2 hours ago

      Then I suppose you know a better alternative when your site is being effectively DDOSed by a ridiculously high volume of scrapers. Please share.

      • chasing0entropy 2 hours ago

        There are so many CDNs, they have existed since the internet was just for porn. The problem is they are not as easy to use for today's novice webdev with zero knowledge of how to administer or even research infrastructure beyond the stack specs.

        • whizzter an hour ago

          I don't think the issue is a skill one but rather giving a sane option.

          Going to Akamai's site I don't see a single mention of pricing, I don't want to be smooched by some enterprise salesman to get my pricing options.

          Going to Fastly's site I see egress costs that makes me think I could probably be better of just staying on AWS,Azure or smth and have a single bill to care about. (That have their own expensive options).

          There's probably other small players with sane options pricing wise, but when it comes to managing DDoS issues people want someone big to handle the bulk.

      • codingminds 2 hours ago

        E.g. https://www.fastly.com/

        But Cloudflare has the best marketing of all of them ¯\_(ツ)_/¯

        • ramon156 2 hours ago

          iirc isn't steam also on fastly? I vaguely remember their stack to either include fastly or they're using fastify. Names...

          • hofrogs 2 hours ago

            I think Steam uses akamai, at least for user-generated content

            • codingminds an hour ago

              Seems to be correct

                store.steampowered.com. 30 IN A 184.31.101.220

  NetRange:       184.24.0.0 - 184.31.255.255
  CIDR:           184.24.0.0/13
  NetName:        AKAMAI