less than 1 minute read

There is a wildcard *google.com SSL certificate in the wild, which means malicious people can sit between you and anything at Google (including gmail) and pretend they are Google, watching everything you do. DigiNotar is the root level certificate authority (CA) who gave out this certificate. It’s not clear if this was intentional or not, but regardless, this is the internet version of a death sentence for this company. Mozilla and Microsoft have both pulled DigiNotar out of their browsers. A user in Iran has reported it being used on him; it’s not clear if the attack was from his ISP or his government, but you could also be a victim. Make you you have an upgraded version of your browser before you visit any of Google’s services. You can read the Darknet article for more details.

You should be able to tell your safe if you go to DigiNotar’s website and get a certificate error.