Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Google Finds Fraudulent Certificates Used by French Government (securityweek.com)

wiredmikey writes: Google announced on Saturday that it detected a French government agency using unauthorized digital certificates for several Google domains to perform man-in-the-middle attacks on a private network.

Google security engineer Adam Langley said the company traced the fraudulent certificates to Agence nationale de la sécurité des systèmes d’information (ANSSI), a French certificate authority that falls under the government's cyber-security agency. "ANSSI has found that the intermediate CA certificate was used in a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the users on that network," Langley noted in a blog post.

In a separate statement, ANSSI blamed "human error" for the incident.

Google's Langley described the incident as a "serious breach" and warned that the company is considering additional actions.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Google Finds Fraudulent Certificates Used by French Government

Comments Filter:

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (9) Dammit, little-endian systems *are* more consistent!

Working...