Browser Security: Chrome may warn against MITM software in the future
The Internet browser Chrome is intended to better recognize and warn of Man-In-The-Middle attacks in the future.
The Internet browser Chrome is going to automatically detect (threatening) man-in-the-middle attacks from version 63 and warn users if malicious software is installed. The feature, which is only available as an option in the Chrome development strand Canary, should not only warn against a compromise of the secure connection but also display the responsible application.
This is relevant to the extent that even legitimate programs sometimes endanger the security through some well-meant interventions in encrypted connections. The new feature is likely to sensitize users, especially for such interventions in the SSL configuration, whereby the connection can be used by experienced (experienced) users.
To see the feature today, launch Chrome Canary with the flag --enable-features=MITMSoftwareInterstitial and go to http://mitm-software.badssl.com.
Sources:
https://twitter.com/sashaperigo/status/906263091624591360
-
November, 08
Buffer overflow in OpenSSL exploited when validating X.509 certificates
-
September, 09
A company’s brand represents trust and a promise to do right by its customers. It allows consumers to quickly make purchases without questioning whether they can trust the receiver.
-
August, 27
This is to announce that CyberSSL will only be able to issue public SSL / TLS certificates with a lifespan of 398 days (a bit over 1 year). The change takes place starting with 1 September 2020.
-
September, 23
We all love free public WiFi when we are travelling, ordering food in a restaurant, waiting for a job interview, doing internet banking, relaxing at a beach café or in a hotel lobby – it is so convenient! – but, so do criminals.