Hacker News new | ask | show | jobs
by quonn 4255 days ago
I know, but I always just type apple.com. It is still a problem.
1 comments
teamhappy 4255 days ago
Not anymore. They added a redirect.

OS X talks to plenty of apple.com subdomains and there really is no reason not to use self-signed certificates for this kind of thing.

link
alternize 4255 days ago
the redirect happens _after_ the certificate warning. to get to the redirect, you have to accept the self signed certificate first.

so it might still scare people away, and rightfully so: normal folks cannot distinguish a self signed certificate from a malicious used one f.e. used in phishing attempts.

link
quonn 4255 days ago
> normal folks cannot distinguish a self signed certificate from a malicious used one

What do you mean with "normal folks"? Nobody can possibly distinguish this, since an attacker would also just use a self-signed certificate.

link
teamhappy 4255 days ago
You're right, of course. Did they change the certificate?

https://www.sslshopper.com/ssl-checker.html#hostname=apple.c...

https://www.sslshopper.com/ssl-checker.html#hostname=www.app...

link