Lines Matching full:attacker
2372 When you connect to a secure website, the server hosting that site presents your browser with something called a "certificate" to verify its identity. This certificate contains identity information, such as the address of the website, which is verified by a third party that your device trusts. By checking that the address in the certificate matches the address of the website, it is possible to verify that you are securely communicating with the website you intended, and not a third party (such as an attacker on your network).
2377 When you connect to a secure website, the server hosting that site presents your browser with something called a "certificate" to verify its identity. This certificate contains identity information, such as the address of the website, which is verified by a third party that your computer trusts. By checking that the address in the certificate matches the address of the website, it is possible to verify that you are securely communicating with the website you intended, and not a third party (such as an attacker on your network).
2384 You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but instead you actually reached a server identifying itself as <ph name="DOMAIN2"><strong>$2<ex>fakepaypal.com</ex></strong></ph>. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of <ph name="DOMAIN3"><strong>$3<ex>paypal.com</ex></strong></ph>.
2394 For a certificate which has not expired, the issuer of that certificate is responsible for maintaining something called a "revocation list". If a certificate is ever compromised, the issuer can revoke it by adding it to the revocation list, and then this certificate will no longer be trusted by your browser. Revocation status is not required to be maintained for expired certificates, so while this certificate used to be valid for the website you're visiting, at this point it is not possible to determine whether the certificate was compromised and subsequently revoked, or whether it remains secure. As such it is impossible to tell whether you're communicating with the legitimate website, or whether the certificate was compromised and is now in the possession of an attacker with whom you are communicating.
2415 In this case, the certificate has not been verified by a third party that your device trusts. Anyone can create a certificate claiming to be whatever website they choose, which is why it must be verified by a trusted third party. Without that verification, the identity information in the certificate is meaningless. It is therefore not possible to verify that you are communicating with <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph> instead of an attacker who generated his own certificate claiming to be <ph name="DOMAIN2"><strong>$2<ex>paypal.com</ex></strong></ph>. You should not proceed past this point.
2425 In this case, the certificate has not been verified by a third party that your computer trusts. Anyone can create a certificate claiming to be whatever website they choose, which is why it must be verified by a trusted third party. Without that verification, the identity information in the certificate is meaningless. It is therefore not possible to verify that you are communicating with <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph> instead of an attacker who generated his own certificate claiming to be <ph name="DOMAIN2"><strong>$2<ex>paypal.com</ex></strong></ph>. You should not proceed past this point.
2469 You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker.
2495 You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged, and the server may not be the server you expected (you may be communicating with an attacker).
2508 You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the server presented a certificate containing a weak key. An attacker could have broken the private key, and the server may not be the server you expected (you may be communicating with an attacker).
2511 In this case, the server certificate or an intermediate CA certificate presented to your browser contains a weak key, such as an RSA key of less than 1024 bits. Because it is relatively easy to derive the corresponding private key for a weak public key, an attacker could forge the identity of the true server.
9349 The identity of the server you are connected to cannot be fully validated. You are connected to a server using a name only valid within your network, which an external certificate authority has no way to validate ownership of. As some certificate authorities will issue certificates for these names regardless, there is no way to ensure you are connected to the intended website and not an attacker.
9369 However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.
9372 However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page.
9457 <p>Something is currently interfering with your secure connection to <ph name="SITE">$1<ex>google.com</ex></ph>.</p> <p><ph name="BEGIN_BOLD"><strong></ph>Try to reload this page in a few minutes or after switching to a new network.<ph name="END_BOLD"></strong></ph> If you have recently connected to a new Wi-Fi network, finish logging in before reloading.</p> <p>If you were to visit <ph name="SITE">$1<ex>google.com</ex></ph> right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real <ph name="SITE">$1<ex>google.com</ex></ph>.</p>
9463 <p><ph name="SITE">$1<ex>google.com</ex></ph> normally uses encryption (SSL) to protect your information. When Chrome tried to connect to <ph name="SITE">$1<ex>google.com</ex></ph> this time, <ph name="SITE">$1<ex>google.com</ex></ph> returned unusual and incorrect credentials. Either an attacker is trying to pretend to be <ph name="SITE">$1<ex>google.com</ex></ph>, or a Wi-Fi login screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.</p> <p>Network errors and attacks are usually temporary, so this page will probably work later. You can also try switching to another network.</p>
9478 <ph name="SITE">$1<ex>google.com</ex></ph> provided Chrome with a list of pre-approved certificate credentials. Chrome did not receive any of the pre-approved credentials during this connection attempt, which indicates that an attacker is trying to impersonate <ph name="SITE">$1<ex>google.com</ex></ph>.
