Cyber-security company DarkMatter, based in the United Arab Emirates, applied to become a top-level certificate authority in Mozilla's root certificate program recently.
Certificates are a cornerstone of today's Internet; HTTPS ensures that communication is encrypted. A company in control of a root CA could potentially decrypt traffic that it has access to.
A Reuter's article links DarkMatter to the United Arab Emirates government and surveillance operations. One such operation, called Karma, saw the team hack iPhones of "hundreds of activists, political leaders, and suspected terrorists" according to Reuters.
The EFF notes that DarkMatter's "business objectives directly depend on intercepting end-user traffic on behalf of snooping governments".
DarkMatter controls an intermediary certificate already called QuoVadis. QuoVadis is owned by DigiCert which means that there is some oversight in place currently.
Firefox users, and anyone else who has access to tools to manage certificates, might want to remove the intermediary certificates from the certification store. You may remove the root certificate from Firefox using the same method if Mozilla, or anyone else, goes ahead with the inclusion of the root certificate in Firefox.
Removing the certificates
Here is how you can remove certificates from Firefox:
- Load about:preferences#privacy in the Firefox address bar to open the Privacy & Security settings.
- Scroll down to the Certificates section on the page.
- Click on the View Certificates button.
- Firefox lists all authorities in an overlay. Scroll down until you find the QuoVadis Limited listing (or any other listing you want to remove).
- Select a certificate, it does not matter which.
- Click on "delete or distrust".
- Select ok to remove the certificate from Firefox.
- Releat steps 5-7 for all other certificates that you want to remove. until the QuoVadis Limited listing is no longer there.
How to remove DarkMatter Certificates from Firefox - gHacks Tech News