paddingtonb3ar
commented
2 years ago Ive read some and this popped up on Wikipedia aswell which might explain all the "fuzz"
Certificates According to documents released by the Mozilla Corporation in 2016, Qihoo appears to have acquired a controlling interest in the previously Israeli-run Certificate Authority "StartCom", through a chain of acquisitions, including the Chinese-owned company WoSign. WoSign also has a certificate authority business; WoSign has been accused of poor control and of misissuing certificates.[30] Furthermore, Mozilla alleges that WoSign and StartCom violate their obligations as Certificate Authorities in respect of their failure to disclose the change in ownership of StartCom; Mozilla is threatening to take action, to protect their users.[31]
Google have stated that their Chrome product will no longer trust by default any certificates signed by StartCom or Wosign roots, starting with Chrome 61.[32] Mozilla have stated that their Firefox product will no longer trust by default any certificates signed by StartCom or WoSign roots, starting with Firefox version 58
Is there any chance to re-package CMCOLLCTRL without this old expired sold certificate please Roger? so that this application can be used for good purposes once again.
rzander
It seems there is an issue or some sort of modified file uploaded here in Github. Cause this pops up in our environment, everytime CMcollctrl.exe is started. Which freaks out our Security team and flags every PC that are using this application.
<CMcollctrl.exe outgoing attempt on port 54981 to Address - 101.198.193.12 port 80>
And this IP nowdays goes to virustotal URL
if IP is typed into browser this goes up
<101.198.193.12 (101.198.192.0/22) AS 55992 ( Beijing Qihu Technology Company Limited )>
Has the signing certificate been sold to malicious actors in China?