Hacker News new | comments | show | ask | jobs | submit login

If you actually look at the certificate, it is self-signed, not signed by a malicious root server. Your anecdote has nothing to do with this current attack.

You are right. This one has nothing to do with root servers. But they are already able to fake certificate national wide. It's only one step from adding it into root server.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact