rugk 397 Posted October 21, 2015 Share Posted October 21, 2015 (edited) I was quite surprised as I saw too very suspicious root certificates in my CA store. These were installed by a Bluetooth driver from CSR. Obviously this enables interception of HTTPS connections if the private key is found. Additionally it injected certs into the "trusted publisher store", which means it can also fake digital signatures. The worst thing are the certificates itself - they are 1024bit RSA certificates, which are very insecure, so that it may be possible to crack the public key and get out the private key. More information here: https://pastemarkdown.com/Su5Ch And here you can see how it injects it: https://vimeo.com/rugkme/csrharmonyrootcert Edited October 22, 2015 by rugk Link to comment Share on other sites More sharing options...
ESET Moderators TomasP 316 Posted October 23, 2015 ESET Moderators Share Posted October 23, 2015 Thanks for posting this, it may help others in deciding or troubleshooting. Link to comment Share on other sites More sharing options...
Recommended Posts