Google slaps Symantec for issuing fake web security certificates

Google wants Symantec to stop issuing security certificates for sites it doesn’t own.

Sourced through Scoop.it from: www.engadget.com

Not long ago, Symantec revealed that it had issued bogus security certificates for numerous web domains, including Google’s… and as you might guess, Google isn’t happy. The search firm is warning  Symantec that, as of June 1st, any Symantec certificates which don’t meet its transparency policy may create warnings and “problems” in Google products (read: they’ll be deemed insecure). Moreover, it’s asking Symantec to explain why it didn’t catch some of the fake certificates, the causes behind each slip-up and the steps it’ll take to set things right. Not surprisingly, Google doesn’t want malicious sites posing as someone else (especially not Google) in order to deliver malware or perpetuate phishing scams.  For its part, Symantec claims that it issued a “small number” of test certificates by mistake, and revoked them before notifying those affected. It also fired a handful of staff who reportedly weren’t following guidelines. There’s a good chance this won’t happen again. However, the antivirus maker also appears to be downplaying the scope of the problem. 

See on Scoop.itInternet of Things – Company and Research Focus

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s