cross-posted from: https://lemmy.one/post/5660007
Likely under the command of law enforcement and without informing any clients.
cross-posted from: https://lemmy.one/post/5660007
Likely under the command of law enforcement and without informing any clients.
Good suggestions at the bottom.
There are several indications which could be used to discover the attack from day 1:
so per wikipedia and confirmed at MDN, firefox is the only major browser line not to consider certificate transparency at all. and yet it’s the only one that has given me occasional maddening SSL errors that have blocked site access (not always little sites, it’s happened with amazon).
i don’t understand how firefox can be simultaneously the least picky about certificates and the most likely to spuriously decide they’re invalid.