Browser Windows

Detect unknown root certificates in Microsoft Windows and Mozilla Firefox

RCC is a neat utility to detect rogue certs based on reference baselines and additional metadata. The developer also offers a lot of other useful tools and is well-known in the Wilders Security Forum. The program doesn’t require administrative privilege to run since the certificate checks are on a user level and the databases aren’t special protected so basically it reads out the certificate store and checks it against a reputation aka blacklist, the program hashes are also provided here.

Unknown or dangerous certificates are displayed in red

Does Blizzard installs a backdoor certificate within his Game Client?

Gamers, … well I’m one of them and the times aren’t easy for use, there is the entire DLC, lootbox and DRM garbage but we survived everything so far. Today I found another interesting story about the Blizzard Client and a root certificate. A Reddit user called chort0 found a Root CA on his computer which seems to get installed each time you install Blizzard’s game client, he mentioned that this isn’t a security problem but the says that it’s strange that a client requires its own certificate for just using their services.

Chort0 screenshot which shows the certificate which gets automatically installed.