"Man In The Middle attacks are increasing and users usually ignore error message... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mrb on Aug 29, 2011 \| parent \| context \| favorite \| on: Gmail.com being MITM'd by Iran using this certific... "Man In The Middle attacks are increasing and users usually ignore error messages about them" Note that the reported MiTM attack should not result in a popup warning, because the CA certificate used in the MiTM is supposedly technically valid. Does anybody know which browsers include this CA? Browser vendors should consider removing it based on ethical concerns, especially if this MiTM attack is being performed very broadly, at the country level.

mcpherrinm on Aug 29, 2011 | [–]

Mozilla is spinning up new releases to remove the cert.

See http://blog.mozilla.com/security/2011/08/29/fraudulent-googl...

Instructions on how to delete it yourself are available at http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-ce...

shabble on Aug 29, 2011 | | [–]

They really ought to add a search field to that list view.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact