Hacker News new | past | comments | ask | show | jobs | submit login

I've been trying to figure out that attack from the posting, which is months old. They have SSL certs for Google sites which they argue are bogus. They're both signed by "Google Internet Authority G2", using a certificate that expired on 04/04/2015.

Firefox has two pre-installed certs for "Google Internet Authority G2", one of which is still valid, and the other (serial 02:3A:69) has expired. The expired one may have been compromised, allowing the creation of sites which can impersonate Google sites. It's hard to tell from that article, though.

An expired cert in the cert chain will not validate.

The attack reported in the original posting happened when that cert was valid.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact