|
Authored by: SpaceLifeForm on Sunday, August 19 2012 @ 06:24 PM EDT |
There are fake certs floating on the net IMO.
I have been seeing these problems for a few months now.
Depending on the ISP, you may or may not get a bad cert.
I believe there is some king of subtle attack happening
with fake certs in the same vein as Stuxnet.
The really interesting ones seem to occur with a bad cert
being thrown at your browser for a site you are *NOT* visiting.
Likely via javascript via an "ad server"
and/or upstream HTML injection.
Set your clock ahead a day or two and see if you notice a difference.
---
You are being MICROattacked, from various angles, in a SOFT manner.[ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Sunday, August 19 2012 @ 07:17 PM EDT |
Yep this is certificate pinning and I have no idea why it's not standard on all
browsers. That technique goes a long way to mitigating most of what's seriously
wrong with the current PKI.[ Reply to This | Parent | # ]
|
|
|
|
|