On a home LAN, I encountered this error both in Firefox on Linux (an Ubuntu VMware VM on Win7) and in my Android phone's browser, on a shopping site during the checkout process a few days ago. Could this indicate some kind of MITM compromise (for example, in the LAN router)? A DNS compromise? Could it also be that one of the content delivery network (CDN) machines serving PayPal content is misconfigured or compromised?
This Connection is Untrusted
You have asked Firefox to connect securely to www.paypal.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
www.paypal.com uses an invalid security certificate.
The certificate is only valid for the following names:
google.com, *.2mdn.net, *.android.com, *.appengine.google.com (many more names...)
Running nslookup on the Linux machine
@ 01:00
nslookup www.paypal.com
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: www.paypal.com
Address: 216.58.217.194
Then @ 1:45
nslookup www.paypal.com
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
www.paypal.com canonical name = www.paypal.com.akadns.net.
www.paypal.com.akadns.net canonical name = ppdirect.paypal.com.akadns.net.
ppdirect.paypal.com.akadns.net canonical name = wlb.paypal.com.akadns.net.
wlb.paypal.com.akadns.net canonical name = www.paypal.com.edgekey.net.
www.paypal.com.edgekey.net canonical name = e3694.a.akamaiedge.net.
Name: e3694.a.akamaiedge.net
Address: 184.86.122.156
What would a remediation plan be? Replace the home LAN router? Would all devices on the home LAN also be suspect?
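
The two checks implied by the post (the certificate's names against the requested host, and the two nslookup answers against each other), as an added example that is not part of the original post. The function names are hypothetical, and the inputs are the certificate names and nslookup output quoted above.

```python
# Added triage sketch; function names are hypothetical, inputs are the output quoted in the post.
CERT_NAMES = ["google.com", "*.2mdn.net", "*.android.com", "*.appengine.google.com"]
FIRST = """Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: www.paypal.com
Address: 216.58.217.194"""
SECOND = """Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
www.paypal.com canonical name = www.paypal.com.akadns.net.
www.paypal.com.akadns.net canonical name = ppdirect.paypal.com.akadns.net.
ppdirect.paypal.com.akadns.net canonical name = wlb.paypal.com.akadns.net.
wlb.paypal.com.akadns.net canonical name = www.paypal.com.edgekey.net.
www.paypal.com.edgekey.net canonical name = e3694.a.akamaiedge.net.
Name: e3694.a.akamaiedge.net
Address: 184.86.122.156"""

def cert_covers(host, names):
    """True if host matches a listed name; '*' stands for exactly one left-most label."""
    host = host.lower().rstrip(".")
    parent = host.split(".", 1)[1] if "." in host else None
    return any(n.lower() == host or (n.startswith("*.") and n[2:].lower() == parent)
               for n in names)

def parse_nslookup(text):
    """Extract the CNAME chain and answer addresses (resolver's own Address line is skipped)."""
    cnames, addrs, in_answer = [], [], False
    for line in map(str.strip, text.splitlines()):
        if line.lower().startswith("non-authoritative answer"):
            in_answer = True
        elif "canonical name =" in line:
            alias, target = line.split("canonical name =")
            cnames.append((alias.strip().rstrip("."), target.strip().rstrip(".")))
        elif in_answer and line.startswith("Address:"):
            addrs.append(line.split(":", 1)[1].strip())
    return {"cnames": cnames, "addresses": addrs}

def triage(host, cert_names, first, second):
    """List observations worth investigating; none of them proves a cause by itself."""
    a, b, notes = parse_nslookup(first), parse_nslookup(second), []
    if not cert_covers(host, cert_names):
        notes.append("certificate names do not cover " + host)
    if bool(a["cnames"]) != bool(b["cnames"]):
        notes.append("CNAME chain present in only one of the two answers")
    if not set(a["addresses"]) & set(b["addresses"]):  # CDN names also rotate addresses
        notes.append("no address in common: %s vs %s" % (a["addresses"], b["addresses"]))
    return notes
print("\n".join(triage("www.paypal.com", CERT_NAMES, FIRST, SECOND)))
```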