Skip to main content

How to remove DarkMatter Certificates from Firefox

Cyber-security company DarkMatter, based in the United Arab Emirates, applied to become a top-level certificate authority in Mozilla's root certificate program recently.

Certificates are a cornerstone of today's Internet; HTTPS ensures that communication is encrypted. A company in control of  a root CA could potentially decrypt traffic that it has access to.

A Reuter's article links DarkMatter to the United Arab Emirates government and surveillance operations. One such operation, called Karma, saw the team hack iPhones of "hundreds of activists, political leaders, and suspected terrorists" according to Reuters.

The EFF notes that DarkMatter's "business objectives directly depend on intercepting end-user traffic on behalf of snooping governments".

DarkMatter has an intermediary certificate already issued by QuoVadis. QuoVadis is owned by DigiCert which means that there is some oversight in place currently but that it would be lost if DarkMatter would get the root certificate.

So, the chain is DigiCert > QuoVadis > DarkMatter currently. It is possible to remove root certificates in Firefox. Note that doing so would impact any certificate issues by QuoVadis. In other words, any site you visit that uses such a certificate won't load anymore.

Note: As some readers have pointed out, certificates get restored with every update. You may also need to clear a site's cache if you run into loading issues. See this guide.

Removing the certificates

firefox root-certificates dark matter remove

Here is how you can remove certificates from Firefox:

  1. Load about:preferences#privacy in the Firefox address bar to open the Privacy & Security settings.
  2. Scroll down to the Certificates section on the page.
  3. Click on the View Certificates button.
  4. Firefox lists all authorities in an overlay. Scroll down until you find the QuoVadis Limited listing (or any other listing you want to remove).
  5. Select a certificate, it does not matter which. Tip: Hold down Shift to select multiple certificates.
  6. Click on "delete or distrust".
  7. Select ok to remove the certificate from Firefox.
  8. Repeat steps 5-7 for all other certificates that you want to remove. until the QuoVadis Limited listing is no longer there.

delete quovadis

You can follow the discussion and integration of the root certificate on Mozilla's Bugzilla website and the Firefox Dev Security Policy group on Google Groups.

.

This article was first seen on ComTek's "TekBits" Technology News

HOME