SLL certificate man-in-the-middle atacks Google users!

Discussion in 'Current Events' started by dragonbite, Aug 30, 2011.

  1. dragonbite

    dragonbite Well-Known Member

    Aug 30, 2008
    Likes Received:
    This was actually a situation a co-worker described being brought up at the Black Hat convention he attended.

    What happens is somebody receives a fraudulent SSL Certificate (in this case, from a shady certificate provider (this case DigiNotar). Then they are able to use that to set up an SSL session (https://) from the victim, and pass that information along to Google. Google doesn't know there is somebody in-between the user and them because the SSL credentials are run properly, and the user doesn't know the Certificate being authenticated is a fraudulent one issued where it should not have been issued.

    Luckily the Chrome browser threw up a red flag. Since then both (only) Chrome and Firefox have moved to pop up alerts when anybody goes to a site with a DigiNotar-provided certificate.

    So be wary, keep your system up-to-date and pay attention to those warning messages!

    (Jim, this may be worth bringing up at Ask Dacs)

Share This Page