Mozilla blocks spy firm DarkMatter from Firefox citing ‘significant risk’ to users
Firefox maker Mozilla said it will not trust certificates from surveillance maker DarkMatter, ending a months-long effort to be whitelisted by the popular browser.
Months earlier, the United Arab Emirates-based DarkMatter had asked Mozilla to formally trust its root certificates in the Firefox certificate store, a place in the browser reserved for certificate authorities that are trusted and approved to issue HTTPS certificates. Mozilla and other browser makers use this store to know which HTTPS certificates to trust, effectively allowing these certificate authorities to confirm a website’s identity and certify that data going to and from it is secure.
But a rogue or malicious certificate authority could allow the interception of encrypted internet traffic by faking or impersonating websites.
DarkMatter has a history of controversial and shady operations, including developing malware and spyware to be used in surveillance operations, as well as the alleged targeting of journalists critical of the company. Just weeks ago, Reuters reported that the Emirati company — which employs former U.S. National Security Agency hackers — targeted several media personalities and dissidents at the behest of the Arab monarchy.
But the company has a clean record as a certificate authority, putting Mozilla in a tough spot.
Either Mozilla could accept DarkMatter’s record as a certificate authority or reject it based off a perceived risk.
As it turns out, the latter won.
“Our foremost responsibility is to protect individuals who rely on Mozilla products,” said said Wayne Thayer, certification authority program manager at Mozilla, in a discussion group post on Tuesday. He added that DarkMatter poses “a significant risk to our users.”
“I believe this framing strongly supports a decision to revoke trust in DarkMatter’s intermediate certificates,” he wrote.
Thayer added that although both sides of DarkMatter’s business were taken into account, the browser maker cited a core Mozilla principle — “individuals’ security and privacy on the internet are fundamental and must not be treated as optional” — as a reason to reject the proposal.
Mozilla said it would also distrust six intermediary certificates in the meanwhile.
DarkMatter did not respond to a request for comment Tuesday.