Turkish Site Certs Threaten Google

Google’s Chrome browser found that a Turkish certificate authority mistakenly released certificates for the Google.com domain to organizations that were not Google. What’s the problem with this? Well, if an organization has access to a certificate for Google.com they can setup a website as if it’s actually Google.com and run Man in the Middle attacks from it.

Users that browse to this website may think it’s actually Google.com but in reality its not, it just looks like Google. This allows the hackers to put malicious code into their “Google” website as well as see what searches users are doing and potentially user accounts and passwords should a user browse to a website through them that needs a username and password.

This is a very serious issue because of the security implications involved. Due to the problems with the certificates, both Google and Microsoft have pulled TurkTrust from their lists of trusted certificates. Microsoft has made it clear if your computer is running Windows Vista or newer, and is up to date, you will not have to worry about this as they have corrected the issue for those users. Google has done the same for users of Google Chrome.

To read more click here.