Iran hacks Dutch cert authority and how to protect yourself

Man-in-the-middle attacks are hard to defend against, especially when the certificates are not forged but issued by an authority your browser trusts.

Was the Iranian government involved in the hacking of a Dutch certificate issuer? ABC seems to think so. The intent and outcome of the hack was to make fake certificates for a ton of sites and then man-in-the-middle Iranian net traffic to those sites. And because the issuer didn't let anyone know it had been hacked, the attack was successful for over a month.
As a user, it's not easy to defend yourself from these attacks if the certificates are not revoked, because your web browser accepts any certificate issued by an authorized issuer.
What you can do, if you are about to do something someone might want to spy on, is this: when you connect to, say, a login page, check the certificate even if the HTTPS lock is green, and confirm that it was issued by someone you would expect, like Google. If you are Iranian and the certificate is from a different country like Holland or Lithuania or something weird, it's probably a man-in-the-middle attack.

Check the certificates to be sure!

To do this, click the green lock, then the Certificate information link, and check that the issuer is not weird.
While you are sure that a man-in-the-middle attack is not happening, you might want to note down the cert authority of the sites you have to use, so you can quickly check them when you are about to log in. Right now might be a good time to do this.
(And Google can issue their own certificates? Is that good or bad?)
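The note-it-down-then-compare check described above can be scripted. This is an added example, not code from the original post: it uses the issuer structure that Python's `ssl` `getpeercert()` returns, and the host name, CA names and sample certificates are constructed. Comparing only the issuer's country and organization is a choice made here, since the common name of an issuing CA can change without the authority changing.

```python
import socket
import ssl

COMPARED = ("countryName", "organizationName")  # fields checked against the note

def fetch_cert(host, port=443, timeout=5):
    """Fetch the peer certificate as the dict returned by getpeercert().
    Normal validation stays on: a rogue cert from a trusted CA still passes it,
    which is why the issuer is compared separately below."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def issuer_of(cert):
    """Flatten getpeercert()'s nested issuer tuples into a plain dict."""
    flat = {key: value for rdn in cert.get("issuer", ()) for key, value in rdn}
    return {f: flat.get(f) for f in COMPARED + ("commonName",)}

def check_issuer(host, cert, baseline):
    """Return (status, changed_fields) for cert against the noted issuer."""
    noted = baseline.get(host)
    if noted is None:
        return "no-baseline", []  # nothing was noted down for this host
    seen = issuer_of(cert)
    changed = [f for f in COMPARED if seen[f] != noted.get(f)]
    return ("issuer-changed" if changed else "match"), changed

# Constructed sample data (hypothetical host and CA names, not real certificates).
HOST = "mail.example.test"
GOOD_CERT = {"issuer": ((("countryName", "US"),),
                        (("organizationName", "Example Trust Services"),),
                        (("commonName", "Example CA 1"),))}
ROGUE_CERT = {"issuer": ((("countryName", "NL"),),
                         (("organizationName", "Example Dutch CA"),),
                         (("commonName", "Example Public CA"),))}
# The note taken while the connection was believed to be clean.
BASELINE = {HOST: issuer_of(GOOD_CERT)}

if __name__ == "__main__":
    for label, cert in (("usual", GOOD_CERT), ("unexpected", ROGUE_CERT)):
        status, changed = check_issuer(HOST, cert, BASELINE)
        print(f"{label}: {status} {changed}")
    # Live use: check_issuer(host, fetch_cert(host), baseline)
```

An `issuer-changed` result is a prompt to stop and look at the certificate by hand before logging in; sites do sometimes switch authorities legitimately.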


About echlinm

Computer Programmer/Systems Analyst/Hacker S31
