Topics

moderated safari warns groups.io certificate expired, site "may be impersonating" groups.io etc. #misc


 

I can log into groups.io on firefox today but not safari, which warns me that the site "may be impersonating" groups.io and has certificate that "expired 1 day ago." Just a heads up.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

“Log on” was the wrong term. I meant “visit the site,” whether I log on or not.


On May 30, 2020, at 2:56 PM, J_Catlady via groups.io <j.olivia.catlady@...> wrote:

I can log into groups.io on firefox today but not safari, which warns me that the site "may be impersonating" groups.io and has certificate that "expired 1 day ago." Just a heads up.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

I'm unable to duplicate this, and the .groups.io certificate doesn't expire until September 9th. Is anyone else seeing this?

Thanks, Mark


Glenn Glazer
 

On 5/30/2020 15:01, Mark Fletcher wrote:

I'm unable to duplicate this, and the .groups.io certificate doesn't expire until September 9th. Is anyone else seeing this?

Thanks, Mark


I cannot repro.

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.5 Safari/605.1.15

Best,

Glenn
"Yes, but does Gecko like KHTML?" -me, at work. I have a colleague whose nickname is Gecko (after the animal).

--
PG&E Delenda Est

Virus-free. www.avast.com


 

This is my safari: Version 11.1.2 (11605.3.8.1)
Should I worry? It has a little lock symbol and then it says:
This Connection is Not Private. This website may be impersonating "groups.io" to steal your personal or financial information. You should go back to the previous page.

Then you can click on "Go Back" or "Show Details." When I click on Show Details, it says

Safari warns you when a website has an expired certificate. This website's certificate expired 1 day ago. This may happen if the website is misconfigured, an attacker has compromised your connection, or your system clock is incorrect. Your system clock is set to Saturday, May 30, 2020. If this is not right, fixing the clock may address this warning.
To learn more, you can view the certificate. If you understand the risks involved, you can visit this website.
Oddly, I was unable to copy the text to paste it here. I had to type it in verbatim. I didn't click on either link above.
Should I worry???
Thanks.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Duane
 

On Sat, May 30, 2020 at 05:01 PM, Mark Fletcher wrote:
Is anyone else seeing this?
Someone reported it on GMF, but didn't specify the browser, https://groups.io/g/GroupManagersForum/message/32051

Duane


 

Thanks, Duane. At least I'm not alone, so am less worried that I've been hacked or something.


On Sat, May 30, 2020 at 4:33 PM Duane <txpigeon@...> wrote:
On Sat, May 30, 2020 at 05:01 PM, Mark Fletcher wrote:
Is anyone else seeing this?
Someone reported it on GMF, but didn't specify the browser, https://groups.io/g/GroupManagersForum/message/32051

Duane


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Larry Finch
 

Your Safari is very old. The current version is 13.1.1, so try updating it.

On Sat, May 30, 2020 at 7:29 PM J_Catlady <j.olivia.catlady@...> wrote:
This is my safari: Version 11.1.2 (11605.3.8.1)
Should I worry? It has a little lock symbol and then it says:
This Connection is Not Private. This website may be impersonating "groups.io" to steal your personal or financial information. You should go back to the previous page.

Then you can click on "Go Back" or "Show Details." When I click on Show Details, it says

Safari warns you when a website has an expired certificate. This website's certificate expired 1 day ago. This may happen if the website is misconfigured, an attacker has compromised your connection, or your system clock is incorrect. Your system clock is set to Saturday, May 30, 2020. If this is not right, fixing the clock may address this warning.
To learn more, you can view the certificate. If you understand the risks involved, you can visit this website.
Oddly, I was unable to copy the text to paste it here. I had to type it in verbatim. I didn't click on either link above.
Should I worry???
Thanks.


Larry

--
Larry Finch

N 40° 53' 50"
W 74° 02' 55"


 

On Sat, May 30, 2020 at 04:47 PM, Larry Finch wrote:
Your Safari is very old. The current version is 13.1.1, so try updating it.
It seems no updates are available. Maybe because my Mac is very old as well? (Macbook Pro, Retina, 13 inch, early 2015) Or because I'm still running El Capitan (10.18.6)? I was warned not to install Catalina. Maybe that was bad advice?
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Duane, could you get the info from the person on GMF about what they're running, etc?
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Joseph Hudson
 

No problems on my Mac running safari.

On May 30, 2020, at 5:01 PM, Mark Fletcher <markf@corp.groups.io> wrote:

I'm unable to duplicate this, and the .groups.io certificate doesn't expire until September 9th. Is anyone else seeing this?

Thanks, Mark


 

On Sat, May 30, 2020 at 4:52 PM J_Catlady <j.olivia.catlady@...> wrote:
Duane, could you get the info from the person on GMF about what they're running, etc?

I think this is maybe the issue:



I am away from the computer for the next few hours, so I can't research it any more. When I'm back I will see if there's anything on my end that we can do.


Mark
 


Christopher Warrington
 

On 2020-05-30 at 3:01:17 PM, Mark Fletcher <markf@corp.groups.io> wrote:

I'm unable to duplicate this, and the .groups.io certificate
doesn't expire until September 9th. Is anyone else seeing this?
It looks like the Groups.io cert is cross-signed with the AddTrust
root that expired at 2020-05-30 10:48Z. [1]

Modern TLS clients don't have trouble with this cert because the
USERTRUST root hasn't expired yet.

Time for a newer cert without this root?


openssl s_client -connect groups.io:443
CONNECTED(00000004)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
verify return:1
depth=0 OU = Domain Control Validated, OU = Gandi Standard Wildcard SSL, CN = *.groups.io
verify return:1
---
Certificate chain
0 s:OU = Domain Control Validated, OU = Gandi Standard Wildcard SSL, CN = *.groups.io
i:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
1 s:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
3 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
---
<SNIP>

[1]: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

--
Christopher Warrington <lists@...>


 

Ok. From Mark's link, it seems like the problem may be my old computer etc:

"Devices that received security updates after mid 2015 should have the modern USERTrust RSA Certification Authority root certificate (valid until Jan 2038) in their operating system or browser truststores and should be largely unaffected.

Legacy devices that have not received updates to support newer roots will also likely to be missing other essential security updates and support for standards required by the modern Internet. We strongly encourage decommissioning these devices if their software cannot be upgraded. Non-upgraded, legacy devices should never be exposed to the Internet and special mitigations should be applied to isolate them from neighbor systems."

Any advice? Feel free to message me offlist if this is not relevant to most people here.


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Donald Hellen
 

J_Catlady . . .

On Sat, 30 May 2020 17:57:38 -0700, "J_Catlady"
<@J_Catlady> wrote:

Any advice? Feel free to message me offlist if this is not relevant to most people here.
Are you unable to upgrade the operating system?

If you can't, you're in the same boat as those still Running Windows
XP. You won't have the security updates to keep you safe.

Donald


----------------------------------------------------
Some ham radio groups you may be interested in:
https://groups.io/g/ICOM
https://groups.io/g/Ham-Antennas
https://groups.io/g/HamRadioHelp


 

Ok. I will answer messages like this offlist from hereon in. Thanks.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Hi All,

I will generate a new SSL certificate to address this issue, but it won't be until Monday or Tuesday. In the meantime, you can use Chrome or Firefox to access the site.

Thanks,
Mark


Dave Wade
 

Anyone who gets this error should be worried because it means whilst they haven’t been hacked, they are missing root or trusted certificate updates.

Whilst this means they may reject valid certificates, as is happening in this case, it could mean the accept revoked certificates as valid…

 

Dave

 

From: main@beta.groups.io <main@beta.groups.io> On Behalf Of J_Catlady
Sent: 31 May 2020 00:46
To: main@beta.groups.io
Subject: Re: [beta] safari warns groups.io certificate expired, site "may be impersonating" groups.io etc. #misc

 

Thanks, Duane. At least I'm not alone, so am less worried that I've been hacked or something.

 

On Sat, May 30, 2020 at 4:33 PM Duane <txpigeon@...> wrote:

On Sat, May 30, 2020 at 05:01 PM, Mark Fletcher wrote:

Is anyone else seeing this?

Someone reported it on GMF, but didn't specify the browser, https://groups.io/g/GroupManagersForum/message/32051

Duane


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Thomas Gruber
 

Hi,
That‘s a pretty old version of Safari. Mine is 13.1.1 now. Could that be the reason?
Kind regards
Thomas

Am 31.05.2020 um 01:29 schrieb J_Catlady <j.olivia.catlady@...>:

This is my safari: Version 11.1.2 (11605.3.8.1)
Should I worry? It has a little lock symbol and then it says:
This Connection is Not Private. This website may be impersonating "groups.io" to steal your personal or financial information. You should go back to the previous page.

Then you can click on "Go Back" or "Show Details." When I click on Show Details, it says

Safari warns you when a website has an expired certificate. This website's certificate expired 1 day ago. This may happen if the website is misconfigured, an attacker has compromised your connection, or your system clock is incorrect. Your system clock is set to Saturday, May 30, 2020. If this is not right, fixing the clock may address this warning.
To learn more, you can view the certificate. If you understand the risks involved, you can visit this website.
Oddly, I was unable to copy the text to paste it here. I had to type it in verbatim. I didn't click on either link above.
Should I worry???
Thanks.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 



MacBook Pro ten years old running High Sierra 10.13.6

Patti