Eddy Nigg was able to buy a certificate for mozilla.com from a Comodo reseller named ‘Certstar’.
In response to this issue, Comodo says:
That reseller’s ability to sell Comodo certificates has been suspended while we
investigate why they are apparently not fulfilling their contractual obligations
to us. We revoked your certificate for mozilla.com.
If this is the situation, why would an attacker need to work hard at ARP poisoning and other tricks to mount an MITM attack? Phishers will be happy to use this kind of shady reseller.
Or maybe they are already using these kinds of stupid CAs to get valid certificates.
Call me crazy, paranoid, fanatic or whatever you want, but I’ve deleted COMODO from both of my browsers (IE & FF). Chrome uses the same one as IE, so it was easy for me 😉
This is indeed scary, very scary…