

Comodo Hacker returns... - eokuma
http://news.cnet.com/8301-1009_3-20102027-83/comodo-hacker-returns-in-diginotar-incident/

======
achille
Something does not smell right here. This letter sounds immature. If there was
a large scale MIM attack, the team setting this up would not post something
like this.

Hacking into a CA and stealing a certificate could definitely be one-man
operation. But a large scale MIM attack requires _a lot more_ resources.

* Hacker would have to pipe, monitor/store all the traffic), this requires a lot of server space and bandwith that's not easy to obtain, anonymously... from Iran.

* One needs to "hack" into the individual ISPs and alter routes/etc

* I didn't see any certificates for banking sites, but for targets such as google, wordpress, TOR etc. Even if you have collected the info (terabytes of stuff) it takes time to process through them.

~~~
eokuma
<http://pastebin.com/1AxH30em> <\-- Check this out

[http://erratasec.blogspot.com/2011/03/comodo-hacker-
releases...](http://erratasec.blogspot.com/2011/03/comodo-hacker-releases-his-
manifesto.html)

