Damage control currently ongoing on governmental press-conference.
Estonia is the only country to use e-voting and it is based on this ID-card. Everything related to it is compromised.
Press F to pay respect.
Most probably all the Gemalto made cryptographic cards are kill.
Other urls found in this thread:
unvis.it
archive.is
estonianworld.com
gemalto.com
en.wikipedia.org
en.wikipedia.org
twitter.com
I don't understand
Cryptographic integrity, key security of Estonian ID and e-identity of card owners is compromised. It is still not 100% confirmed that all the e-identities of ID card owners are lost to attackers but the ongoing damage control points to that.
>voting
most useless act ever. it's like when angelina jolie sends a selfie to her kids. the government fucking HATES you get it in your thick head.
Database leak? Identity leaks? Similar to the Turkish leak?
The current diclosure of fuckup and the damage control means that Estonian e-votes in 2015 elections were most probably tampered.
Key internal security and public key database are for sure compromised. Government closed public security database today. E-voting and some other cryptographic solutions based on Estonian ID-card use public key database.
But the fallout is yet to land on this. Disclosure of the fuckup is only hours old. Information of that ID card is compromised was received in 30th of august. It was severe enough that it was made public today with heavy damage control. Deeper analysis is coming
*Government closed public key database
The Russians are at it again?
Big, if true
Hot sauce by the way, faggot
Nope.
Germans and French.
They certified this system as secure.
nonetheless, it'll turn out it was the russians. it's always the russians.
We dindu nuffin.
OP can't be arsed so here's a sors
unvis.it
Yeah it sure seems like it. Maybe try doing your jobs for once. No striking allowed.
wew good thing I procrastinated on getting the e residence card
B-but... stricking is so comfey?
Danke
How badly will this fuck Estonia? What else are the private keys used for other than voting?
English sauce is coming, keep an eye on this if interested. This is huge.
It was just disclosured here in Estonia and my only reliable sauces are in Estonian. Can you into Estonian?
Make search:
Ministrid, PPA ja RIA andsid ülevaate ID-kaardi kiibi turvariskidest
You will get the source.
Estonian web-pages are somehow labeled as spam by Sup Forums so I can not post the links (fix it, Sup Forums).
Break the link up with spaces or archive it and post that
use this: archive.is
Not this time. The ID card infrastructure and at least public key database are compromised and those are not Russian-made.
Does not fly this time.
Your posts are barely understandable. Be more clear.
Gemalto is one of the jewels of the French industry, if I remember well they invented and have the patents for the chips you find in every electronic card, be it ID or payment (the golden rectangle on your Visa card, it's French).
Ameritards still use the black swipe band, but people from developed country will know what I mean.
> How badly will this fuck Estonia?
Depends on damage control largely atm. And damage control will fail when independent analysises are published.
Implications are that our 2015 e-voting for new parliament is compromised, all public/secret key pair technology using services are fucked and there is probably more if more analysis is made on published info. In press conference they said that they will not publish all info in order to protect our ID card system.
So it is basically security by obscurity right now.
Reeks like major disaster and Estonian government losing all credibility.
Gemalto is not ours anymore.
It's been bought by Americans(Safenet).
THIS.
Approximately 1 billion of various cryptographic cards use their tech.
Our pre-Gemalto made ID cards are declared secure, btw.
(Are they)
That's why you shouldn't trust technology too much
>Gemalto made cryptographic cards are kill.
this is huge if true
So... they basically will have to re-create a new, more secure ID card & infrastructure, distribute it to every citizens, and block any service relying on it in the mean time ?
I hope there are no elections planned anytime soon.
Nice damage control.
When was it sold?
Btw I believe (call it theory) that the source that told our government about our ID card being fucked is cybersec of US intelligence. There are hints about this in our gubmint retards behavior.
This is probably the start of the EU being exposed as evil and corrupt.
They are tired of ignoring and manipulating elections, they want to end them altogether.
Communists are predictable that way.
Now that I think of it, Americans and their nigger-tier swipe bands might actually be safe.
I remember French officials worried about letting such a strategic technology in the hands of ze retarded americans.
Turns out they were right :D
Local elections are planned in October.
There are already calls to abandon e-voting but government has not yet balls to declare it openly.
Their damage control is fubar if they do so right now.
The fallout is yet to come.
I don't try to damage control.
Gemalto is an international corporation (mainly european, I believe Israeli as well).
They still have offices in France but the HQ are now in Belgium or in the Netherlands.
As for when, well if I remember correctly it was in 2014. Consider it a fresh buy.
Democracy is a stupid concept but e-voting without any physical evidence of where the voting went is retarded-tier level shit.
Having said that, if im not mistaken, this was one of the "babies" of that pathetic tool-of-the-Jews with the bow tie (can't remember his name) so i am very happy.
I believe that rn eality it did not pass US cyber certification and they found out even more how fucked it is.
As I said - the source of this information disclosed to our government is most probably US intelligence cyber security
the disclosed fucked up cards originate from 2014 oct and beyond.
>Democracy is a stupid concept but e-voting without any physical evidence of where the voting went is retarded-tier level shit.
I fully agree with you in this.
E-voting is not secure.
Right, but it will turn out that Putin personally broke into the Estonian Government facility and used a magnetic needle to alter individual bits of memory to compromise the system.
Just like how he hacked our election.
Gemplus (French) was acquired by Axalto (a spinoff of Schlumberger) to form Gemalto in 2006. They are based in the Netherlands.
Fuckoff with your anti Americanism. Safenet makes HSMs not ICCs.
Will not fly here.
F
ahahahahahahah idiots lol its sweden all over again
I'd rather not play the blame game.
But this must be a coincidence.
Either that or Americans don't waste time, or we are smart enough to use the confusion to avoid responsability.
Shady.
I'll lurk here.
Fidem et fortitudinem, et honorem honorem
I used to say all the time that this shit isn't safe, but Estonians would rush to defense and say I'm wrong and etc.
Not happening
estonianworld.com
_____________________________________
Prime minister: Estonian e-state will not be affected
I meant it in this sense.
Only a naive fool would not have expected this to happen sooner or later. You have noone to blame but yourselves for this.
>I
for idiots
Sweden needs to be liberated for sure. But his goes beyond Sweden this time for sure.
It is possible that Swedish data fuckup is related.
I myself never trusted this shit.
>“All ID-card operations are still valid and we will take appropriate actions to secure the functioning of our national digital-ID infrastructure. For example, we have restricted the access to Estonian ID-card public key database to prevent illegal use.”
I don't understand this. Public keys are public. The security of PKI does not depend on whether public keys are accessible.
Why shut down the public key database?
Like I said - heavy damage control.
ID card public key database is closed and remains closed and there are veiled reccommendations from government officials to use m-ID, the other electronic ID we have.
Happening in progress, shit hit the fan, fallout yet to land.
Could they use this to commit voter fraud? Seems to be the only thing that makes sense.
The damage control suggests that there is "possible" attack vector from public key to private key and e-identity.
Which is a) bullshit and this goes way deeper than just public key b) attack is already done
>Could they use this to commit voter fraud?
Sure.
Great news! Anything that delays the forced adoption of biometrics, microchips, surveillance, cashlessness and other retarded ideas is a victory in my book.
* attack is already done and all e-identities are stolen and ID card crypto is kill.
Snowden alleged Gemalto's keys were compromised.
Gemalto investigated in early 2015 and said "attempts" were made in 2010 and 2011, but were unsuccessful.
Is this the 2014 date?
This is 2014 date. Cards from october 2014 and after are said to be compromised.
Btw we had elections in 2015 march. Using those cards and tech.
Safenet owns the business cuckold.
Also, fuck America.
Gemalto owns the Safenet according to your source, nigger.
oh wow; I seriously misread it.
"Acquisition by", not "of"
Still, fuck America.
Yes, my memory plays with me.
Yeah, I misread. I thought the compromise was for pre-2014 cards.
Card manufactures update the versions of their cards every year or so. It's possible whatever code they incorporated in 2014 is faulty.
Can you pop your card in and tell me what version of Gemalto cards Estonia is using? It would be listed in some sort of properties tab.
It's alright Achmed. (((They))) own it anyway.
>we discovered our ID-cards are compromised
>almost all of our other E-services have problems
>muh E-nation
what a joke
I bet nobody has attempted to hack our services because nobody simply cares about us
My card is from pre-2014.
Fucked up tech nevertheless.
It is kill here, at least for some time, damage control or not.
If I remember it correctly, Estonia switched to Gemalto as manufacturer in 2014. Before this there was some other manufacturer.
I must check this out.
>major shareholders
The biggest ones are French and the biggest shareholder is litteraly our governement.
We might have played you Estonia.
BTW, this june there was a mandatory certificate update to all pre-2014 ID cards of ours.
They said that it is in order to make the system safer.Most probably it was the opposite.
Sounds like you don't have a legitimate government. Sick, it's libertopia, everybody move there while the anarchy is good
I think your asses now belong to US, like in Estonia and United States.
Your government should start lubing their anuses.
Fallout will also hit Germany because of certification of this shit.
>estonianworld.com
literally kike-tier propaganda bullshit
never visit that site again
Oberthur is the only other card manufacturer.
Unless there's some chink startup, but I doubt any nonchinks buy those.
Like I said - if I remember this correctly. But my memory suggests that there was governmental bid and manufacturer changer around this time.
We're lubbed up since 1969 my friend.
It still hurts every fucking day.
It gets confusing because there were multiple manufacturers (safran morpho for example). But they have all been consolidated into Gemalto and Oberthur over the last 10 years. So the underlying implementation could be from an old manufacturer.
I thought you people would have learnt your lesson after the Russkies hacked you. WTF is wrong with your gubmint?
>Russkies hacked you
When?
Not happened or at least not made public.
Russians are not to blame here, the ID card infrastructure (card, keys, etc) is compromised and it is not Russian-made.
Wtf, how old are you? This was massive news when it happened.
en.wikipedia.org
>We might have played you Estonia.
Do they have gold like Gaddafi?
> DDOS flood attack, barely felt here.
> hacking
Fuck you.
>en.wikipedia.org
Is pic related?
French are retarded, always were.
They even tried to conquer Russian shithole, little Napoleons, all of them.
Sauce you fucking autist?
GOD DAMN IT, EESTI.
You were supposed to be the future.
I would say the same about you guys too, but the only time I saw the name of Estonia written somewhere it was on a map, not a history book.
Man, it sure is a good idea to digitalize our complete lives, from money to identity to birth certificates, degrees, and whatnot.
A few keystrokes can reveal or destroy all of a person's life and wealth. Hooray.
read your source
Pole mitte sittagi artiklis. Nothing + Burger
Damage control forces activated!!!!
I have an Estonian ID card. Does this mean I will have to get a new one?
FUCK OFF VVERE FULL
Are {{{{{{{{[[[[[[[[[((((((((THEY)))))))]]]]]]]]]]}}}}}}}}}}}}} behind it?
Ye shell come to rue the day thou hast dissed the Eesti. Verily, I say unto ye, ye shall doth burn for thy blasphemy against ye old founder of thy Soome-Viro Khanate.
NO IT'S ((THEM))
E-resident?
Same tech, compromised.
The only time I heard someone speak french was from groups of niggers and arabs in the metro.
>ahahahahahahah idiots lol its sweden all over again
But we have the exact same system for our ID cards.
>thinks I'm shilling
Ok, point out where in the article they mention that anyone's ID has been compromised. They don't. I don't really understand the point of them bringing it up. Looks like politics to me.