August 30, 2011
A fake Google certificate was discovered in use in Iran by someone using Google’s Chrome web browser, which is configured differently to prevent such attacks, and the search engine company said other e-mail users were targeted in the same country.
“Someone tried to get between them and encrypted Google services,” Google security official Heather Adkins wrote in a blog post. “The people affected were primarily located in Iran.”
Security experts said that in addition to issuing false certificates, the hackers would need contact with users to fool them into interacting with a bogus site, allowing the hackers to eavesdrop. The easiest way to do that would be through a co-operative internet service provider, or ISP.
ft.com/cms/s/0/6bb480b4-d327-11e0-9ba8-00144feab49a.html#axzz1WY5RhdtV
No comments:
Post a Comment