Fuming Google tears Symantec a new one over rogue SSL certs

ZSn

If you're a root like Symantec then yes you can. It all relies on trust - it's amazing that this system works at all to be honest.

Certificate pinning can catch this sometimes. However it can also be deliberately bypassed by getting, for example, your work desktop to trust a work-owned root CA. Do your internet banking on a machine you control.

Biting the hand that feeds IT © 1998–2019