Tuesday, 30 August 2011

Stolen Google Certificate Puts Gmail Accounts in Danger

Hackers obtained a authentication certificate. Credit: Google

Hackers have obtained a Google website authentication certificate, putting anyone visiting a Google-owned Web property, including Gmail and YouTube, in serious danger.

The Secure Sockets Layer (SSL) certificate allows whoever is wielding it to set up fraudulent Web pages under a legitimate Google domain name; the victims, security researchers say, would believe they were on a perfectly safe Google site while, behind the scenes, attackers could harvest all their personal information.

"This type of attack allows someone to eavesdrop on encrypted traffic, allowing them to decipher traffic which would otherwise not be possible," Kaspersky Lab researcher Roel Schouwenberg told SecurityNewsDaily.

Why is this so scary?

Most phishing emails or spoofed websites look legitimate, but close inspection will reveal a misspelled URL an unencrypted Web session, or a third-party Web page that bears no resemblance to the original address. Anti-virus software often will detect these rogue pages as threats before they even get to you.
A stolen SSL certificate, however, could mean that when you log on to your Gmail account, or receive an email with a link to any Web domain (a YouTube video, for example), all of your credentials could be up for grabs.

"This particular certificate is a so-called 'wildcard' certificate," Schouwenberg said. "It's valid for any subdomain. This means this certificate allows an attacker to eavesdrop on virtually all of Google's services, including Gmail, while the traffic is encrypted. This will allow the attacker to not only read/write emails but also grab the target's Google credentials."

Even worse, your computer — and you — would never even know, because nothing about the site would seem off. After all, the attack could take place on an encrypted Gmail page.

How did it happen?

Hackers accessed the SSL certificate on July 19 from DigiNotar, a Dutch certificate authority, which said in apress release that the breach "resulted in the fraudulent issuance of public key certificate requests for a number of domains, including"

DigiNotar said it revoked all the fraudulently issued certificates, but "recently, it was discovered that at least one fraudulent certificate had not been revoked at the time."

That certificate, for, has since been revoked, but it existed in the wild for more than five weeks.

An email to DigiNotar was not returned.

Who is behind the hack?

"This type of attack is mostly suited to intelligence/espionage operations," Schouwenberg said. "We have to keep in mind that these attacks are quite targeted and most likely carried out by nation-states."

Mikko Hypponen from the security firm F-Secure captured a screenshot of a compromised DigiNotar Web page that reads, "Hacked by KiAnPhP, Extrance Digital Security Team, Iranian Hackers."

"It's likely the Government of Iran is using these techniques to monitor local dissidents," Hypponen wrote.
Google itself supports this claim, writing in a blog post on Sunday (Aug. 28) that "the people affected were primarily located in Iran."

However, Hypponen came across another defaced DigiNotar Web page that reads, "Hacked by Black.Spook! Persian Gulf For Ever!!!"

"If you keep digging deeper, you'll find that although these Web defacements are still live right now, they are not new," Hypponen wrote. "Much worse: They were done years ago. In fact, these hacks are so old, it's unlikely they are connected to the current problem. Or at least so we hope."

What can you do?

"Unfortunately, there are only very few solutions for this type of problem," Schouwenberg told SecurityNewsDaily. "Right now, we have to rely on the browser makers to release an update to the browser which blacklists this particular certificate."

Thankfully, Mozilla Firefox, Microsoft Internet Explorer and Google Chrome have all updated their Web browsers to block the stolen Google SSL certificate.

Google warns users, especially located in Iran, to "keep their Web browsers and operating systems up to date and pay attention to Web browser security warnings."

Digital Certificate Authority Hacked, Dozens Of Phony Digital Certificates Issued

DigiNotar confirms it was breached and just one of 'several dozens' of fraudulently issued digital certificates obtained by hackers and now revoked
By Kelly Jackson Higgins
Dark Reading

What at first appeared to be a one-off attack targeting Google Gmail users was actually part of a larger breach at Dutch digital certificate authority (CA) DigiNotar, which today confirmed speculation that it indeed was hacked and its SSL and EV SSL CA system abused by attackers.

"The company found out on July 19 that a hacking attempt had happened. At that moment, DigiNotar ordered an external security audit. This audit concluded that all fraudulently issued certificates were revoked. We found out yesterday, through [Dutch government organization] Govcert, that the Google certificate was active. We revoked it immediately," said a spokesman today at Vasco Data Security International, of which the Dutch DigiNotar is a wholly owned subsidiary. He declined to name the other compromised domains, whose phony certs were revoked, but said there were "several dozens of SSL Certificates" issued fraudulently.

Vasco/DigiNotar will temporarily offer all SSL customers -- all of whom it says are based in the Netherlands -- a Dutch government certificate as a short-term solution. "We are also talking to browser companies in order to install a re-routing mechanism," the spokesman says.

The company also has suspended the sale of SSL and EV-SSL certificates until its latest security audit is complete.

But security experts say the problem is that if the fake certificates were used for man-in-the-middle attacks, the damage may already have been done. "This press release only has made me more worried about how much this may be just the tip of the iceberg," says Roel Schouwenberg, senior antivirus researcher for Kaspersky Lab. "The cert was only revoked yesterday afternoon EST."

Schouwenberg says DigiNotar's statement raises more questions. "The conducted audit does not inspire any confidence. How did they miss the Google cert? How did they miss the website hacks pointed out by F-Secure?" he says, referring to a F-Secure Mikko Hypponen's post todayshowing what appears to be evidence of Iranian hackers having broken into DigiNotar's servers, and one page by alleged Turkish hackers back in 2009.

Hyponnen weighed in on DigiNotar's statement as well. "It raises more questions than answers. Diginotar indeed was hacked, on the 19th of July, 2011. The attackers were able to generate several fraudulent certificates, including possibly also EV SSL certificates. But while Diginotar revoked the other rogue certificates, they missed the one issued to Google. Didn't Diginotar think it's a tad weird that Google would suddenly renew their SSL certificate, and decide to do it with a mid-sized Dutch CA, of all places?" Hypponen, chief research officer of F-Secure blogged. "And when Diginotar was auditing their systems after the breach, how on earth did they miss the Iranian defacement discussed above?"

Another problem is that revocation isn't a sure thing. The rogue certs could be used for one-off, targeted attacks, and therefore would be tough to pinpoint, experts say.

"Additionally, there are ways to bypass revocation notices. So currently, we're depending on browser updates to fully protect us," Kaspersky's Schouwenberg says. "The average turnaround time is rather suboptimal. Let's hope Apple will be faster than with the Comodo case."

He says it also appears that not all of the CAs have been revoked, either: A separate DigiNotar CA handles the EV-SSL certs, and Chrome currently appears to be still accepting that CA, he says.

The big issue, of course, is the trust placed in CAs, a problem that was illuminated back in March when Comodo disclosed that nine SSL certificates -- including ones for,,,,, and global trustee, and three different ones for -- had been issued by one of its European resellers after its systems were breached.

Owning a certificate authority is a valuable target for attackers, and CAs are only as secure as their own systems. Experts worry that DigiNotar hasn't found all of the rogue certificates yet, and that attacks could be ongoing and undetected. Attackers could basically impersonate Google and the other website domains to wage man-in-the-middle attacks to snoop on communications going through those sites, or for other nefarious purposes.

Like with the Comodo hack, speculation has centered around Iran, which doesn't have a CA of its own and thus would have to hack one to obtain digital certificates. "That case [Comodo's reseller hack] was tied to Iran. So is this one. It's likely the Government of Iran is using these techniques to monitor local dissidents," Hypponen said in his post.

Meanwhile, Microsoft has removed the DigitNotar root certificate from it’s the Microsoft Certificate Trust List for Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. It's working on a fix for Windows XP and Windows Server 2003. Mozilla will issue updates to Firefox to address the rogue certs, and Google plans to do the same for Chrome.

"Today we received reports of attempted SSL man-in-the-middle (MITM) attacks against Google users, whereby someone tried to get between them and encrypted Google services. The people affected were primarily located in Iran. The attacker used a fraudulent SSL certificate issued by DigiNotar, a root certificate authority that should not issue certificates for Google (and has since revoked it)," said Heather Adkins, information security manager at Google in a blog post yesterday. "Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate."

Meanwhile, DigiNotar reiterated that most of its clients, including Dutch government business PKIOverheid, were not affected by the breach. "DigiNotar actively looks for quick and effective solutions for its existing (EV)SSL customers. The company expects to have a solution for its entire customer base before the end of this business week. DigiNotar expects that the cost of this action will be minimal," the company said in its press release.

Attackers Obtain Valid Cert for Google Domains, Mozilla Moves to Revoke It

A certificate authority in the Netherlands issued a valid SSL wildcard certificate for Google to a third party in July, leading to concerns that attackers may have been using the certificate to route sensitive traffic through their own servers, capturing it and compromising user data in the process. The certificate was revoked by the CA, DigiNotar, after the problem came to light Monday.

The attack appears to have been targeting Gmail users specifically. Some users trying to reach the Gmail servers over HTTPS found that their traffic was being rerouted through servers that shouldn't have been part of the equation. On Monday afternoon, security researcher Moxie Marlinspike checked the signatures on the certificate for the suspicious server, which had been posted to Pastebin and elsewhere on the Web, and found that the certificate was in fact valid. The attack is especially problematic because the certificate is a wildcard cert, meaning it is valid for any of Google's domains that use SSL.

It's not clear who DigiNotar issued the certificate to at this point.

Security and privacy experts began discussing the problem Monday, after some people in Iran began posting messages to Twitter and elsewhere about the possibility of a man-in-the-middle attack by the country's government, using the certificate. The certificate was issued on July 10, and Mozilla said on Monday that it is planning to isue immediate updates to many of its products, including Firefox, Thunderbird and others, to remove the DigiNotar root CA.

"Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild," Mozilla securityofficials said in a blog post.

"Because the extent of the mis-issuance is not clear, we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly that will revoke trust in the DigiNotar root and protect users from this attack."
The problem with the fraudulent * certificate is quite similar to the results of the attack on Comodo earlier this year in which the attackers were able to compromise one of the company's European registration authorities and issue valid SSL certs for Gmail, Yahoo, Skype and several other high-value sites.

Firefox users who want to disable the browser's trust of the DigiNotar root immediately can do so by clicking on Options, then Advanced, then Encryption and then selecting the View Certificates option. Then scroll down to the DigiNotar root CA, click on it and then click on Delete or Distrust.

Monday, 29 August 2011

Hackers acquire Google certificate, could hijack Gmail accounts

Repeat of Comodo affair last March; foreign government may be behind theft, says researcher

Computerworld - Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.Criminals could use the certificate to conduct "man-in-the-middle" attacks targeting users of Gmail, Google's search engine or any other service operated by the Mountain View, Calif. company.

"This is a wildcard for any of the Google domains," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday. "[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials," said Andrew Storms, director of security operations at nCircle Security.

Man-in-the-middle attacks could also be launched via spam messages with links leading to a site posing as, say, the real Gmail. If recipients surfed to that link, their account login username and password could be hijacked. Details of the certificate were posted on last Saturday. is a public site where developers -- including hackers -- often post source code samples.

According to Schouwenberg, the SSL (secure socket layer) certificate is valid, and was issued by DigiNotar, a Dutch certificate authority, or CA. DigiNotar was acquired earlier this year by Chicago-based Vasco, which bills itself on its site as "a world leader in strong authentication." Vasco did not reply to a request for comment.

Security researcher and Tor developer Jacob Applebaum confirmed that the certificate was valid in an email answer to Computerworld questions, as did noted SSL researcher Moxie Marlinspike on Twitter. "Yep, just verified the signature, that pastebin * certificate is real," said Marlinspike.

Because the certificate is valid, a browser would not display a warning message if its user went to a website signed with the certificate.

It's unclear whether the certificate was obtained because of a lack of oversight by DigiNotar or through a breach of the company's certificate issuing website.

Schouwenberg urged the company to provide more information as soon as possible.

"Given their ties to the government and financial sectors it's extremely important we find out the scope of the breach as quickly as possible," Schouwenberg said. The situation was reminiscent of a breach last March, when a hacker obtained certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo.

Then, Comodo said that nine certificates had been fraudulently issued after attackers used an account assigned to a company partner in southern Europe. Initially, Comodo argued that Iran's government may have been involved in the theft. Days later, however, a solo Iranian hacker claimed responsibility for stealing the SSL certificates.

Today, Kaspersky's Schouwenberg said "nation-state involvement is the most plausible explanation" for the acquisition of the DigiNotar-issued certificate.

Sunday, 28 August 2011

Twitter adds SSL security

Summary:- Worried about people grabbing your Twitter password out of the air? You should be. Twitter is finally addressing the problem.

I was sitting in a local coffee shop recently and, since I was bored, I kicked on a Windows instance in VirtualBoxon my Mint Linux-powered laptop so I could runFiresheep. Firesheep was, and is, a hacking program meant to frighten people into being serious about their Wi-Fi security. It didn’t work. Most people, and Web sites, still don’t secure even their logins. So, sure enough, out of twenty-one active Wi-Fi connections, I could look over the shoulder of twenty of them. This is just sad.

Still, some interactive Web sites are finally adding basic security. The Google sites support Transport Layer Security (TLS) and its ancestor Secure Sockets Layer (SSL) for protection,Facebook added encypted security early this year, and now Twitter is joining the list of sites that use SSL to secure its users’ connections.

It’s about time!

Now that I have that out of my system, here’s how it works. Twitter is turning HTTPS, the Web’s fundamental data transfer protocol with SSL enabled on by default with some accounts. To see, if you account is one of the lucky ones, go to your Twitter Accounts Preferences.

Once there, go down the display to the Always use HTTPS box and click it on. If you haven’t logged in, you’ll need to login for this choice to take.

From here on out, whenever you connect with Twitter, your connection will be listed as:


instead of

Depending on your browser, you may also see a change in color on part of your address bar. With Chrome 13 and Firefox 6, for example, the first part of the URL will be colored green.

On the “official” Twitter iPhone and iPad applications, your communications are always encrypted via HTTPS, regardless of whether you have checked Always use HTTPS on or off. If you visit from your browser, though your communications will be encrypted only if you specifically log in via

Yeah, they know that’s kind of dumb too and they’re working on getting it right. Last, but not least, if you’re using a third-party application, like my own favorite Twitterfall, whether your Twitter connection is encrypted depends entirely on the application.

Twitterfall, alas, doesn’t support SSL or TLS. I get around that problem by using my own Virtual Private Network (VPN). For most people, though, what you really want is just a nice, secure SSL or TLS connection, so good job Twitter! Now, how the rest of you Web sites that are all about user interaction stepping up to the place? Come on, don’t be shy, adding SSL/TLS isn’t that hard these days.

Palo Alto PA-5060 is one fast firewall

Palo Alto's new firewall delivered performance 10 times faster than when we tested in 2008, and came close to its rated capacity of 20Gbps in firewall-only mode, according to our exclusive Clear Choice testing.

Palo Alto's new firewall delivered performance 10 times faster than when we tested in 2008, and came close to its rated capacity of 20Gbps in firewall-only mode, according to our exclusive Clear Choice testing.

Of course, there is always a tradeoff between security and performance. In the case of Palo Alto's PA-5060, it all depends on what features you turn on and off.

Palo Alto has shaken up the firewall market with its "application aware" feature, and we found that this next-generation capability carries no performance penalty. The PA-5060 does application-layer inspection by default.

On the other hand - and this is a pretty big caveat - UTMrates were nowhere near the device's stated 20Gbps limit. Performance was far lower with any UTM feature enabled than when the PA-5060 operated in firewall-only mode.

Regardless of which UTM features we enabled - intrusion prevention, antispyware, antivirus, or any combination of these - results were essentially the same as if we'd turned on just one such feature. Simply put, there's no extra performance cost, beyond the initial sharp drop in rates, for layering on multiple types of traffic inspection.

Rates also fell when the device handled SSL traffic. And when decrypting SSL traffic, the system's four 10-gigabit Ethernet interfaces ran at rates that would make Fast Ethernet aficionados smile.

Some of this is to be expected. All security devices slow down when handling SSL traffic, and we've seen far bigger drops, in percentage terms, when enabling UTM features.

Overall, we'd characterize the PA-5060 as a capable performer. While it offers many unique application-inspection capabilities, it doesn't quite do away with the perennial question about security-vs.-performance tradeoffs.

Web Metrics

Forwarding rate was the primary metric in our tests. We used both mixed and static HTTP loads to measure rates under various configurations, along with separate tests to assess performance for SSL traffic. We also verified the PA-5060's TCP connection capacity and connection setup rate.

The forwarding rate tests clearly show that the PA-5060, which can be equipped with up to four 10-Gbit/s interfaces, runs at least 10 times faster than earlier Palo Alto models.

In a test involving heavy Web traffic with a mix of content types and object sizes, the PA-5060 moved data at around 17Gbps when configured as a firewall.

That's a bit under the system's 20Gbps rated capacity, which isn't altogether surprising since such data-sheet numbers often are obtained using best-case conditions such as a single large object requested over and over.

In contrast, the traffic load we used involved a mix of text, images and binary content of various sizes - just the sort of Web traffic often seen on enterprise networks. The 17Gbps rate we saw in testing is probably a more meaningful predictor of performance on production networks.

The mixed traffic load offered here is identical to the one Network World's Joel Snyder used in his 2008 review of Palo Alto's PA-4020 firewall. In that test, the PA-4020 topped out at around 1.6Gbps (vs. of a rated capacity of 2.0 Gbps).

UTM's performance penalty

As with most other security devices, rates fall sharply if various UTM functions - such as antispyware, antivirus, and intrusion prevention capabilities - are enabled. Again using the same mixed Web load, we saw rates drop from 17Gbps to around 5.3G or 5.4Gbps.

The good news is that rates held steady regardless of the number of UTM functions in use. So, it doesn't matter whether the PA-5060 does antispyware, antivirus, intrusion prevention, or any combination of these.

One way of boosting forwarding rates is to disable server response inspection, which checks traffic flowing from servers to clients. Disabling this feature caused rates to nearly triple, to 13.7Gbps. This setting is mainly useful when the firewall sits in front of data centers or other server farms. Enterprise network managers deploying firewalls to protect clients will want to keep server inspection enabled (which is the default setting).

Speed Bump: SSL Handling

SSL encryption is compute-intensive. Even with dedicated silicon for the task, the PA-5060, like virtually all other high-end firewalls, is a far slower performer when handling SSL traffic.

The PA-5060 generally moved traffic at around 7.5G to 7.6Gbps in every test case. We initially suspected that the nearly identical rates were caused by some limit in our test gear. But back-to-back tests of the Spirent Avalanche equipment without the PA-5060 in line moved traffic at around 8.6Gbps, faster than the firewall. So the test gear wasn't the bottleneck. (See our test methodology.)

Rates for SSL traffic are higher than those for cleartext traffic, except in the firewall-only test case. This suggests the PA-5060 does less inspection of SSL traffic by default. Palo Alto's engineers confirmed this, but only for the particular traffic generated by Spirent Avalanche; in this case, the PA-5060 simply classified the traffic as type "SSL" and did no further inspection. Palo Alto says there are cases where the PA-5060 can detect certain attacks hidden in SSL traffic, but we did not attempt to verify that claim.

The PA-5060 does support decryption of SSL traffic for deeper inspection, but that feature comes with a heavy performance cost. When doing SSL decryption, rates fell to 986Mbps when the PA-5060 acted as a firewall, and just 108Mbps with all UTM features enabled.

Both numbers are a long way off from the 17-Gbps rates we saw in the cleartext tests, or even the 7.5-Gbps rates in the SSL tests without decryption. If higher-speed decryption of SSL is required, network managers might consider a purpose-built appliance such as those from Netronome and other vendors.

Static Object Handling

A traffic load that mixes object sizes offers one approximation of what enterprise Web traffic might look like, but it's certainly not applicable in all situations. We also ran separate tests with fixed object sizes: One with 10-kbyte objects, since this is close to the average object size as observed in many studies of Web logs, and another with 512-kbyte objects, since this large size would better describe maximum firewall rates.

Of course, no production network carries Web traffic where every request is for 10- or 512-kbyte objects, but modeling some allegedly "real world" condition wasn't the goal here. The tests with static object sizes had a simpler goal: To describe the limits of firewall performance when handling average and large Web objects.

Not surprisingly, the PA-5060 turned in its single fastest result, nearly 18.7Gbps, in tests when configured as a firewall and presented with 512-kbyte objects. With average 10-kbyte objects, rates were a bit slower, around 16.3Gbps.

Enabling UTM features produced a similar result as with the mixed-object loads: Rates were substantially lower than in the firewall-only tests, but very consistent regardless of which combination of antispyware, antivirus and intrusion prevention we used. Here again, the PA-5060 moved large objects faster than average-sized objects after we'd enabled UTM features, though by a smaller margin than in the firewall-only tests. With UTM features turned on, the PA-5060 moved large objects only about 1Gbps faster (around 6.2G to 6.3Gbps) than average-size objects (around 5.2Gbps).

The PA-5060 also moved SSL traffic at lower rates when static objects were involved, especially in tests with large objects. This is an expected result, since more bytes means more work for the device's encryption engine. In most SSL test cases, rates were around 10.5G to 11Gbps with average-size objects and around 8.8Gbps with large objects.

Also, traffic rates for SSL were around the same regardless of which features we enabled or disabled on the firewall. As in the mixed-object tests, the PA-5060 didn't try any further inspection after classifying the Spirent traffic as SSL.

Decrypting SSL traffic carried a heavy performance cost, even higher than in the mixed-object tests. With SSL decryption enabled, rates fell as low as 100Mbps when we offered large objects to the PA-5060. And, we used the weaker RC4-MD5 cipher; if anything, rates would likely be lower still with a stronger cipher such as AES256-SHA1.

TCP Connection Testing

While traffic rates are undoubtedly useful in characterizing firewall performance, they're not the only metrics that matter. We also conducted separate tests to determine how many concurrent connections the PA-5060 could handle, and how quickly it could set up and tear down those connections.
In the TCP connection capacity tests, we configured Spirent Avalanche to build up successively larger connection counts by having each existing connection make one new HTTP request every 60 seconds. The largest number of concurrent connections the PA-5060 handled without errors was 3,620,979. While 3.6 million is a huge number, it's also less than the device's rated capacity of 4 million. After testing concluded, Palo Alto said it had identified a bug in the software version we tested, and that a release scheduled for release by press time would allow the firewall to handle 4 million concurrent connections. We did not test the new software.

In a related test, we also examined the maximum rate at which the firewall would set up and tear down new connections. Here, we configured Spirent Avalanche to use HTTP version 1.0, forcing each HTTP request to set up a new TCP connection. When handling this load, the PA-5060 handled 44,120 connections per second error-free when using all four of the device's 10-gigabit Ethernet interfaces. In tests involving two interfaces and an earlier version of the Palo Alto software, we observed error-free rates of nearly 47,000 connections per second. Either rate is very high and will probably be more than sufficient for the majority of enterprise users.

While there's room for improvement in the PA-5060's performance, especially when it comes to UTM performance and SSL decryption, we're encouraged by these results. The PA-5060 is already far faster than the PA-4020 tested earlier, and it's still one of the few firewalls with true application-layer inspection capabilities. With some optimizations to UTM and SSL performance, it may do away with security/performance tradeoffs once and for all.

Thanks Network World gratefully acknowledges the assistance of Spirent Communications, which supplied its Spirent Avalanche 3100 GT traffic appliances for this project. Spirent's Michelle Rhines, Jeff Brown, Glen Cory Jr., and Chris Chapman also provided engineering support.

Newman is a member of the Network World Lab Alliance and president of Network Test, an independent test lab and engineering services consultancy. He can be reached at

Read more about wide area network in Network World's Wide Area Network section.


Friday, 26 August 2011

Get 49 USD Off On GeoTrust True BusinessID with EV Buy Using GEOEV2YR Coupon Code

Questions? Call727-388-4240

Get 49 USD Off On GeoTrust True BusinessID with EV Buy Using GEOEV2YR Coupon Code

EV SSL can help you to protect your site from phishing scams and increase your customer transactions. GeoTrust True BusinessID EV comes with the highest levels of identity authentication, up to 256-bit encryption, and the GeoTrust True Site seal, to help maximize your Internet security coverage and online sales potential.

GeoTrust True BusinessID with EV

Features & Benefits:-

  • Unlimited Server Licenses - No Additional Charge.
  • Assures customers of the web site's true identity by displaying the GREEN Address bar and the organization and GeoTrust names in high-security browsers.
  • Provides highest level of web site identity verification to help foil phishing.
  • Increases customer confidence to maximize online sales potential.
  • Provides up to 256-bit SSL encryption.
  • Enables EV interface for IE7 on Windows XP clients with EV Upgrade
  • Includes a True Site Seal identity verification - embedded organization name/date/time stamp

Take advantage of this limited time offer... Check it out
Note: Coupon Code will Expire On 31st December. So make hurry.............


Join Free ! TheSSLstore Reseller Program

Questions? Call

VeriSign Resellers

Our partners have access to the most extensive selection ofSSL Certificate offered to fit all of their client’s needs. Choose from a full line of VeriSign, Thawte, GeoTrust, RapidSSL and Trust Wave products. All of the certificates you buy from us are the same exact certificates you would buy directly from VeriSign, GeoTrust, Thawte, RapidSSL or Trust Wave.

Features & Benefits:-
  • Best Pricing in the industry
  • Best Service, support & technology
  • Best selection for your all your clients’ needs
  • FULL no cost API access
  • NO sign up fees
  • Most advanced reseller control panel to manage your SSL business
  • Access to partner knowledgebase, educational tools & resources
  • Easy payments via credit card, PayPal or bank wire
  • Set your own prices while we remain anonymous, issuance of the certificate takes place in the vendors website
  • Free to join Affiliate program with instant access to links and banners, real time statistics and one of the highest commissions in the web security industry
To Become VeriSign Reseller Visit


Thursday, 25 August 2011

Symantec Shows Largest Growth in SSL Certificates for August and Continues to Lead Critical EV SSL Market

MOUNTAIN VIEW, Calif. – August 24, 2011 – Symantec Corp. (Nasdaq: SYMC) today announced that it achieved the largest overall SSL certificate growth in the market for August, with a gain of 19,892 total certificates for the month. Symantec remains the market share leader among all SSL certificate authorities worldwide. Symantec also demonstrated leadership in the growing extended validation (EV) SSL market, which grew overall to more than 47,000 certificates.

Extended Validation growth

Symantec was responsible for most (1,752) of this month's overall growth of 2,725 EV certificates, helping to increase the total to 47,532. Netcraft reported that Symantec leads the space with a market share of 68 percent, further demonstrating that when it comes to web security, the majority of organizations online rely on Symantec.

When a website is protected with an EV SSL Certificate, the latest high-security browsers show prominent visual cues to signal that the site has been authenticated to a higher level. For instance, Internet Explorer as well as Firefox browsers display a green address bar and a field with the name of the organization that owns the website. Both are instantly recognizable signals to consumers that they have reached a website whose identity has been certified by a recognized SSL certificate authority such as Symantec.

“The Netcraft Survey data for August clearly demonstrates that EV SSL is a growing business and that Symantec is leading the charge,” said Fran Rosch, vice president of Trust Services at Symantec. “Customers continually realize the value of working with a trusted certificate authority for SSL and EV SSL and view Symantec as a trusted partner as we continue our innovation and leadership to provide the most comprehensive product lineup and highest standards in technical support.”

Connect with Symantec

About Business Solutions from Symantec

Symantec helps organizations secure and manage their information-driven world with endpoint security, messaging security, web security,data protection, identity validation and authentication, and security management solutions.

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at

Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Choose The VeriSign Secure Site EV SSL Certificates To Gain Customer's Trust

VeriSign SSL certificate is a most reliable SSL Certificate in the world. Research says that 97% of financial institutions use SSL certificates issued by Verisign. As a recognized provider VeriSign SSL gets over 600 million page views a day. Several values are given to suppliers at no extra charges. Verisign SSL certificate can increase customer trust in your website. When customers have more trust, your e-commerce store has a larger volume of traffic. Every day VeriSign perform an analysis on public Web sites. If any malware is found, the supplier will receive an e-mail to let you know that the hacker tries to break in your website. The daily malware scan helps you to keep identity information secure.

SSL Renewals is a leading and trusted authority partner with Verisign and offers services like SSL certificates, Extended Validation (EV SSL), VeriSign Trust Seal, two factor authentications, identity protection, malware scan, code signing and public key infrastructure. The one I prefer is Verisign Secure site EV SSL because of its highest level of security. 

VeriSign Secure Site EV SSL Certificate Features and Benefits:

  • Extended Validation, Green Address Bar
  • 40-bit minimum to 256-bit Encryption
  • 99.9% Browser Recognition Rate
  • Supports Mobile Devices
  • $100,000 warranty
  • VeriSign Secured Seal
  • Includes 30 Day Issuance Insurance
  • Installation Checker

VeriSign Secure Site EV SSL Certificate provides minimum of 40-bit and up to 256-bit encryption and more than 99% browser recognition. It also includes a $100,000 warranty and the VeriSign Secured Seal. Extended Validation certificate triggers the display of the green address bar in high-security browsers. This will help in gaining customers’ confidence in using your website. 

So if you ask whether it is worthwhile to have an EV SSL certificate, the answer is: Absolutely, yes! EV SSL Certificate has been designed to enhance the security of e-commerce and combat phishing attacks which makes the SSL certificate the most comprehensive certificates among which available in market. This helps the e-commerce merchants increase confidence, reduce shopping cart rejection, and build long term income. 

Visitors and customers of a business website can be confident in their searching, browsing and shopping experience because they can get the benefit of secure transactions with VeriSign Secure site EV SSL. It has features like minimum of 40-bit and up to 256-bit encryption and more than 99% browser recognition, also includes a $100,000 warranty and the VeriSign Secured Seal.