The security community is in an uproar about Komodia! Komodia is an IT firm that sells turn-key network interception technology, such as its Komodia Redirector with SSL Digestor, to several software developers.
This lets the software that embeds it decrypt traffic to otherwise secure (SSL/HTTPS) sites, such as bank websites. Komodia has more than 100 clients on board using its SDKs (software development kits).
Many people learned within the past 2 weeks that most free-ware products have this vendor's kit built in. Security experts traced the root issue to the "Superfish" story: Superfish is crap-ware preinstalled on Lenovo laptops, and the Superfish software includes the Komodia development kit.
Komodia works by installing its own root certificate in the trusted certificate store of the local laptop. Because the computer then implicitly trusts the Komodia certificate, traffic can be decrypted behind the scenes while the browser and other applications show no warnings.
The purpose of Komodia's kit is to break SSL security, but the worst part is the poor implementation. For example, the certificate is encrypted with the password "komodia" (all lower case). Since that password has been cracked and is public knowledge, other third-party attackers can leverage any Komodia installation as well. I am sure attackers are grateful for yet another option in their toolbox!
If you are concerned, test your computer. See security expert Steve Gibson's 22-minute video on his Security Now podcast. From an IT management perspective, prevent local admin rights and use a whitelist/blacklist technical control over what software can be installed.
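One way to run that test yourself, as an added example that is not part of the original post: a PowerShell audit of the Windows trusted-root stores for a certificate whose subject or issuer names Superfish or Komodia. It assumes PowerShell 3.0 or later on Windows, and the name patterns are a heuristic; a Komodia-based product sold under another name will not match, so "no match" means "not found by name", not "clean".

```powershell
# Added example (not from the original post): audit the Windows trusted-root
# stores for the Superfish/Komodia root certificate described above.
# Assumes PowerShell 3.0+ on Windows; name matching is a heuristic only.
param(
    [switch]$Remove   # delete matches; run elevated to touch LocalMachine\Root
)

# Names taken from the post. Other products built on the Komodia kit may use
# different names, so an empty result does not prove the machine is clean.
$Patterns = @('*Superfish*', '*Komodia*')
$Stores   = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')

function Test-SuspectName {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    foreach ($p in $Patterns) {
        if ($Cert.Subject -like $p -or $Cert.Issuer -like $p) { return $true }
    }
    return $false
}

$Findings = foreach ($Store in $Stores) {
    Get-ChildItem -Path $Store | Where-Object { Test-SuspectName -Cert $_ } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $Store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                # A trusted root whose private key sits on this machine can be
                # used to sign a certificate for any site the browser visits.
                HasKey     = $_.HasPrivateKey
                Path       = $_.PSPath
            }
        }
}

if (-not $Findings) {
    Write-Output 'No Superfish/Komodia root certificate found by name.'
    return
}

$Findings | Format-Table -AutoSize

if ($Remove) {
    foreach ($f in $Findings) { Remove-Item -Path $f.Path -Verbose }
}
```

Removing the certificate alone is not enough, because the software that installed it can put it back; uninstall the product that embeds the Komodia kit as well.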
Author: Todd Bey
Would you like to protect your organization against emerging threats such as the Komodia example? The first step is to schedule your free security consultation and Security Assessment by emailing .