MITM – PrivaSecTech Wed, 13 Nov 2019 18:33:32 +0000 en-US hourly 1 Upgrade your browser before you check your gmail Tue, 30 Aug 2011 20:26:48 +0000 Continue reading Upgrade your browser before you check your gmail]]> There is a wildcard * SSL certificate in the wild, which means malicious people can sit between you and anything at Google (including gmail) and pretend they are Google, watching everything you do. DigiNotar is the root level certificate authority (CA) who gave out this certificate. It’s not clear if this was intentional or not, but regardless, this is the internet version of a death sentence for this company. Mozilla and Microsoft have both pulled DigiNotar out of their browsers. A user in Iran has reported it being used on him; it’s not clear if the attack was from his ISP or his government, but you could also be a victim. Make you you have an upgraded version of your browser before you visit any of Google’s services. You can read the Darknet article for more details.

You should be able to tell your safe if you go to DigiNotar’s website and get a certificate error.