Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

secure sites not secure in chrome.


  • Please log in to reply
3 replies to this topic

#1 Adams369

Adams369

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 01 May 2015 - 10:52 PM

Getting crossed out red x in https . states site may be using outdated encryption. am I being hacked or do the sites need to update thier security. I know it posses a threat or not secure but it is happening on real well known sites. it also happens on all computers in the house but I'm pretty sure only with google chrome.


Edited by Budapest, 02 May 2015 - 12:38 AM.
Moved from Win8 ~Budapest


BC AdBot (Login to Remove)

 


m

#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:04:58 AM

Posted 01 May 2015 - 10:56 PM

Hi Adams369 :)

If you are using Google Chrome 42, this is normal. Starting in version 42, Google Chrome starts tagging as "insecure" websites that uses SHA-1 algorithm encryption for their certificates, in order to move them to a more secure one since SHA-1 is old and deprecated (less secure). If you want, I created a thread on that yesterday where I show how to get these certificates information on a website, so you can verify yourself. Also, would you mind posting which websites are having this insecure connection so I can test them for my troubleshooting?

Google Chrome 42 vs SSL Certificates

Thank you :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Adams369

Adams369
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 02 May 2015 - 04:30 AM

thanks so much for your input. So as long as I verify that it is sha1 certificateit is still secure only an old method of security measure. So are you troobleshooting for a fix or these sites have to update thier methods. And should I use another browser for these sites for now. 



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:04:58 AM

Posted 02 May 2015 - 10:12 AM

I'm trying to see if these websites are indeed using SHA-1 signed certificates, or if the issue comes from my side (my network). You can keep on using Google Chrome to visit these websites, even if you use another web browser, the certificate will still have the same signature, so it makes no difference.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users