Google, is that you?
Posted by Simon in Technology with No Responses Yet
I’ve dusted off the cobwebs from my Parallels installation and Windows XP virtual machine so I could try out Google Chrome. The new, hawt, browser from Google. I’ve heard that one of the benefits of using Chrome is that Google web apps, such as GMail and Google Reader, run much faster and tend to be more stable. As an avid GMail and Google Reader user, I was eager to see how great the difference was.
So I fired up GMail and had a bit of a play around. And yes, it does seem a touch faster, a bit snappier, than in other browsers. I don’t think it’s life changing, in fact it’s barely noticeable. What did alarm me, however, was what happened when I tried to navigate from GMail to Google Reader. See the image below (click to enlarge).
As you can see, trying to navigate from GMail to Google Reader results in a really ominous warning about the identity of the site you are (attempting to) navigate to. The text reads as follows.
You attempted to reach www.google.co.uk, but instead you actually reached a server identifying itself as www.google.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of www.google.co.uk. You should not proceed.
And…
When you connect to a secure website, the server hosting that site presents your browser with something called a “certificate” to verify its identity. This certificate contains identity information, such as the address of the website, which is verified by a third party trusted by your computer. By checking that the address in the certificate matches the address of the website, it is possible to verify that you are securely communicating with the website that you intended and not a third party (such as an attacker on your network).
In this case, the address listed in the certificate does not match the address of the website that your browser tried to go to. One possible reason for this is that your communications are being intercepted by an attacker who is presenting a certificate for a different website, which would cause a mismatch. Another possible reason is that the server is set up to return the same certificate for multiple websites, including the one that you are attempting to visit, even though that certificate is not valid for all of those websites. Google Chrome can say for sure that you reached www.google.com, but cannot verify that it is the same site as www.google.co.uk which you intended to reach. If you proceed, Chrome will not check for any further name mismatches. In general, it is best not to proceed past this point.
It’s worth pointing out that this clearly isn’t a Google Chrome problem, but rather a Google SSL problem. They are trying to pass off a .co.uk domain with a .com SSL certificate. Unfortunately, many users will not realise that this isn’t a nefarious attack.
The second thing of note is the error message itself. It’s very, very well written. It’s in plain English, presents the problem in a simple, understandable way, and also gives a bit of background as to what is going on. So bravo on that point, Google. But don’t stop there, with Google’s resources, you would have thought they’d have a significant amount of data on fake / expired SSL certificates. They could put this to use to avoid false positives, such as this, and make the web not just a safer place (if you knew Google would identify a false certificate within a few minutes and broadcast it, preventing users from accessing the site, you’d certainly reconsider trying it) but also a more usable place.
What do you think about Google Chrome?
Read a usability review of Google Chrome.
Popularity: 1% [?]
There aren't any comments yet, why not add the first.
Popular Posts
Recent Posts
How to Implement a Robust, Usable Image Thumbnail Solution in WordPress
Posted by Simon in WordPress with No Responses Yet
In this article I’ll show you how to create a robust and usable thumbnail solution for WordPress themes. One that will automatically resize images and optionally add borders and copyright watermarks.
Popularity: 1% [?]
Why FireFox’s Ubiquity could be a game changer
Posted by Simon in Technology with One Response
Mozilla, the people behind FireFox, have tentatively released a new plugin called Ubiquity out into the wild. One fairly humble blog post on the Mozilla Lab’s Blog is, in my opinion, going to change the way we all think about the web.
What is Ubiquity?
The quick way of describing Ubiquity is to simply say it’s a [...]Popularity: 1% [?]
How to exploit the Olympics as a Blogger
Posted by Simon in Blogging with No Responses Yet
The Beijing Olympics are big, no doubt about it. But what do you do if you’re a blogger who’s blog doesn’t cover anything to do with the 2008 Olympics? How can you take advantage of one of the most watched events in the world? Let’s take a look at some ways even the most unrelated [...]
Popularity: 1% [?]
What happens when there’s no story?
Posted by Simon in Apple with No Responses Yet
Those in the blogging community who cover Apple related news have been jumping all over the Mobile Me launch, and its well documented failures. It’s even got to the point where, allegedly, Steve Jobs has admitted Apple made a mistake in launching Mobile Me at the time they did. It would be very easy to [...]
Popularity: 2% [?]
Where’s Alex when you need him?
Posted by Simon in Apple with No Responses Yet
If there’s one thing missing from the 3g iPhone that everyone’s calling for, it’s voice guided navigation. While the maps application serves a purpose, it can be distracting if you’re trying to follow of while driving. Having to constantly check the screen isn’t as usefull, or as safe, as having voice prompts.
The really baffling [...]Popularity: 2% [?]
Posted by Simon in Apple with No Responses Yet
Like many others, the purchase of a new iPhone 3g has rendered many of the iPod accessories obsolete. The biggest surprise for me is that Apple’s own iPod dock, which was purchased with my 4g iPod, won’t charge my new iPhone. There was talk of Apple changing the charging mechanism, but I refused to believe [...]
Popularity: 2% [?]
Posted by Simon in Apple with 3 Responses
I won’t beat around the bush, so here are 5 really quick iPhone 3g tips to keep you occupied. And even if you’re not using an iPhone 3g, many will work with the original iPhone and iPod Touch. So here goes.
Don’t pay for ringtones - There’s no need to pay for ringtones. Just [...]
Popularity: 8% [?]
Display Upcoming Events on the iPhone Sleep Screen Without Hacks or Apps
Posted by Simon in Apple with No Responses Yet
Moving from a Nokia N95 to an iPhone 3g (eventually), one of the things I will miss is the list of upcoming events on the home screen. Essentially, it’s just a simple list of events in my calendar that occur in the next few days. So how can we emulate this functionality on an iPhone [...]
Popularity: 4% [?]
How To Easily Check iPhone 3g Availability
Posted by Simon in Apple with No Responses Yet
With O2 and Carphone Warehouse completely sold out of iPhone 3gs (at least according to their websites), it would appear that Apple Stores are the only place you’re going to find one of the elusive blighters. But how do you know they’ll have one in stock? Well fortunately Apple has provided a page on its [...]
Popularity: 5% [?]
![[Valid RSS]](http://www.oakinnovations.co.uk/blog/wp-content/themes/OIB5/valid-rss.png "Validate my RSS feed")
