It means that people, specifically some Iranian bloggers, have discovered the fake certificates actually being used on actual servers, to fake being Google.
Which is what the false cert does: It tells a web browser that yes, this site *really is* google.com. Or gmail.google.com. Or plus.google.com. Or docs.google.com. Or....
On the internet. Outside a lab. Affecting real users and being used in a real attack, as opposed to "in a security researcher's testbed as a proof of concept"
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
(no subject)
Date: 2011-08-31 11:31 pm (UTC)(no subject)
Date: 2011-08-31 11:38 pm (UTC)Which is what the false cert does: It tells a web browser that yes, this site *really is* google.com. Or gmail.google.com. Or plus.google.com. Or docs.google.com. Or....
(no subject)
Date: 2011-09-01 02:13 am (UTC)(no subject)
Date: 2011-09-01 03:48 am (UTC)The wilds of the internet? What?
(no subject)
Date: 2011-09-01 05:46 am (UTC)(no subject)
Date: 2011-09-01 10:54 am (UTC)(no subject)
Date: 2011-09-01 01:12 pm (UTC)(no subject)
Date: 2011-09-01 09:17 pm (UTC)"Sir, that is a bear."
"No, look, according to this certificate, this is Google. It's allowed to enter the cafe. It says 'free internet' right over the door, after all."
(no subject)
Date: 2011-09-01 09:36 pm (UTC)(no subject)
Date: 2011-09-02 02:50 am (UTC)