Last week, the compromise of a Dutch certificate authority, DigiNotar, put the private online communications of some Internet users (mostly in Iran) at risk. It was found that a fraudulent SSL certificate was issued by DigiNotar for Google (which its not supposed to issue certificates for) allowed the attackers to get between Gmail users and the encrypted Google services.
The Google Chrome browser immediately detected the fraudulent certificates, protecting the user. Both Microsoft and Mozilla responded promptly to the threat too.
Not the Gmail team is urging Iranian users to take steps to protect their communications. It is contacting users directly that it deems to have been affected by the attack, even though Google's internal systems were not compromised in any way.
On its official blog, the Gmail team urged all Iranian users to:
- Change your password. You may have already been asked to change your password when you signed in to your Google Account. If not, you can change it here.
- Verify your account recovery options. Secondary email addresses, phone numbers, and other information can help you regain access to your account if you lose your password. Check to be sure your recovery options are correct and up to date here.
- Check the websites and applications that are allowed to access your account, and revoke any that are unfamiliar here.
- Check your Gmail settings for suspicious forwarding addresses or delegated accounts.
- Pay careful attention to warnings that appear in your web browser and don't click past them.
Written by: James Delahunty @ 9 Sep 2011 21:37