https security information
Posted: 17 Feb 2017, 11:00
This site uses https aka secure http (it will run as http too but you should use https://bjoernvold.com/forum).
This means that a certificate from a third party - Comodo CA Limited - voches for it so the data transfer is secure and not intersepted.
Now this is a somwhat false security since your ISP and other "top dogs" can easily spoof and intercept SSL sites!
YOUR web browser's Internet connection MAY be intercepted by your employer, school, church, ISP or whatever organization is providing the Internet connection.
Some even offer this as a feature and call it "HTTPS inspection":
This means that your certificate is worth nothing and that a false certificate is used to break the encryption to "inspect it"
If you can avoid it?
No - you can't!
BUT... you can detect it and tell off your ISP since this is illegal in many countries (probably mandatory in the US since they seem to feel entitled to everything). ....because it is NOT POSSIBLE to COMPLETELY spoof ANY security certificate.
The public key will change when a different certificate is used to intersept the browser will be forced to use a different public key!
...And that is the key
Here is the key for this site:
37 DF DE 8D 25 4B 6F BF F3 15 3A E7 85 91 0F 4DC8 03 5E 2E
To check it in Firefox:
Click on the padlock at the far left end of the URL address bar.
Click the More “Information...” button.
Click the “Security” icon/tab at the top of the “Page Info” dialog.
Click “View Certificate”.
Verify that the certificate's name under “Common Name (CN)” exactly matches what this GRC page shows.
The SHA1 fingerprint is shown under “Fingerprints”.
If the key is diffrent then someone providing your internt is snooping - for sure (drop them!).
If it is identical everything is OK and the SSL is working as it is supposed too.
I have not ben able to find out how to check the Certificate in Chrome - so feel free to help me with that
This means that a certificate from a third party - Comodo CA Limited - voches for it so the data transfer is secure and not intersepted.
Now this is a somwhat false security since your ISP and other "top dogs" can easily spoof and intercept SSL sites!
YOUR web browser's Internet connection MAY be intercepted by your employer, school, church, ISP or whatever organization is providing the Internet connection.
Some even offer this as a feature and call it "HTTPS inspection":
This means that your certificate is worth nothing and that a false certificate is used to break the encryption to "inspect it"
If you can avoid it?
No - you can't!
BUT... you can detect it and tell off your ISP since this is illegal in many countries (probably mandatory in the US since they seem to feel entitled to everything). ....because it is NOT POSSIBLE to COMPLETELY spoof ANY security certificate.
The public key will change when a different certificate is used to intersept the browser will be forced to use a different public key!
...And that is the key
Here is the key for this site:
37 DF DE 8D 25 4B 6F BF F3 15 3A E7 85 91 0F 4DC8 03 5E 2E
To check it in Firefox:
Click on the padlock at the far left end of the URL address bar.
Click the More “Information...” button.
Click the “Security” icon/tab at the top of the “Page Info” dialog.
Click “View Certificate”.
Verify that the certificate's name under “Common Name (CN)” exactly matches what this GRC page shows.
The SHA1 fingerprint is shown under “Fingerprints”.
If the key is diffrent then someone providing your internt is snooping - for sure (drop them!).
If it is identical everything is OK and the SSL is working as it is supposed too.
I have not ben able to find out how to check the Certificate in Chrome - so feel free to help me with that
