SN 791: Google's Root Program

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

@Leo I nearly spat out my coffee, when Steve pronounced cwim as quim! I’m glad he went back and spelt it. That certainly made my day.

Re: Router updates, my router (AVM Fritz!Box) sends me an email at the beginning of each month with the statistics about the router (data volume in and out, DECT telephones attached (it is also a VOIP - DECT telephone system), which wi-fi SSIDs are active, and, most importantly, the version of the router firmware installed and what the latest available version is.

Re: Root store, we use the Windows root store to add our own corporate certificates, so that our own internal sites don’t come up with “untrusted site” warnings all the time. If Google uses its own and we can’t add our own internal certificates, that is a step backwards in user friendliness.

1 Like

I’ve been meaning to post since I listened to the episode. Vulnonym is a dumb naming system but if they update the bot a little allowing to share a little information about the vulnerability the Twitter account would be more helpful than the naming system itself. It would be an easy way to find new vulnerabilities.

On the Google VPN: I’d use it if they show that it’s worth trusting. On the Chrome root store: what root store do Chromebooks use?

I just realized that there is a chance that the Volnonym system might name a vulnerability with one of the code names that Ubuntu uses for their releases. Now won’t that be fun when that happens. :nerd_face:
Groovy Gorilla
Bionic Beaver
Hirsute Hippo

1 Like

LOL Quim was hilarious!

1 Like

According to Chromium OS Docs (https://chromium.googlesource.com/chromiumos/docs/+/master/ca_certs.md) three sets of certificates exist for different purposes: The Chrome OS root store for Google distributed Chrome OS systems; The Mozilla NSS root store for other Chromium OS systems; A store of roots for connecting to Google services.

I recommend reading the complete document for detailed information.