It means what the message says....
someone at google has forgotten to create an appropriate certificate for sb.google.com, and has used the certificate for www.google.com instead. Firefox does not like this. |
It seems that Google shares IP addresses between its services. For http this is not a problem because the web server is able to read the host header value before assigning a request to a web site. For https this is different. Here you can only set up one service per IP address because it is the only way to make the web server know to which site a request belongs (the data is in the headers, the headers are encrypted, you had to choose the right certificate to answer in order to avoid this message).
You can also try https://www.google.de – There you will see that the certificate belongs to google.com – and you will get goole.com (English content) although you entered google.de.
The question is: From where did you get the link? Either the link is wrong or they have not updated their configuration, yet. |
Is this related to Google doing SafeBrowsing (SB) checks in the background with the Google Toolbar for Firefox? |
Intercept communications ? Don't you have a brain!? just read the error message and use your brain if you have one and stop submitting such a shit to digg. How Stupid-.. |
William's rambling must be referring to this Digg submission made by Ianklaric :)
http://www.digg.com/security/Someone_is_intercepting_communications_with_google. |
I think Safebrowsing data is now sent to an encrypted connection which is sb.google.com but the securtiy certificate was for www.google.com
Firefox's built-in precaution is alerting us of that.
Try going to https://sb.google.com
You'll get the same error message that I saw when normally browsing.
I was using Firefox 2 Beta 1 btw. |
Man, you guys need to quit being so harsh. I've been getting that too. All it says is that the cert is owned by www.google, not sb.google. Not everybody knows what that means.
egon | www.AutomoBlog.net |
A few months ago, there was exactly the same problem with GMail's certificate. |
Lalufu is right, that's all there is to it, that how certificates work. Btw, Firefox on Mac OS X doesn't display this message. |
I ran a network trace with Ethereal while browsing, and every site I visit, FireFox does a "safe browsing" check. I only have FireFox 1.5. |
Strange – from looking at the code[1], all the sb.google.com requests are supposed to be plain HTTP and not SSL. Anyway, I happened to see bug 345124[2], so I'd guess this is a server-side thing that's being seen at Google as well.
[1] http://lxr.mozilla.org/seamonkey/source/browser/app/profile/firefox.js#473 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=345124 |
It's a security feature in both FF and TB which informs users when security certificates do not match the domain they were sent from. In cases like these, if you are sure that the certificate is valid for that mismatched domain, you can use the http://www.andrewlucking.com/archives/category/remember-mismatched-domains/ (Remember Mismatched Domains) extension for both FF and TB. |
i get the same error everytime i log in to google adsense
and i am using firefox
why do i get this error in firefox ? |
Checkout the script in #2 of http://www.zen-cart.com/forum/showpost.php?p=159558&postcount=33= as this will show you that the NON-SSL javascript file is http://www.google-analytics.com/urchin.js but the SSL javascript file is https://ssl.google-analytics.com/urchin.js and if you use these URLs correctly then you don't get any errors or warning messages.
From what I've seen it's not well documented but this is how Google Analytics expects it to be setup so just do it that way and both IE and FF are happy in and out of SSL.
|