Latest in Gear

Image credit:

Google and Symantec go to war over our internet security

As a result, Chrome may distrust Symantec's security certificates.
Share
Tweet
Share

Sponsored Links

Bloomberg via Getty Images

Google and Symantec are engaged in a war about each other's security practices, with all of us caught in the crossfire. As TechCrunch reports, Google believes that Symantec has been improperly issuing security certificates for tens of thousands of websites. If the search engine follows through with its threat, then Chrome will soon no longer place the same level of trust in Symantec's certificates.

Put simply, a security certificate is like a hall pass, letting you roam the corridors of your high school for bathroom breaks and nurse visits. Google says that it's a diligent teacher who makes sure it only hands out paperwork to the honest and the deserving. But it thinks that Symantec has just left a stack of notes by the door, letting any student use them while it grabs a nap behind its desk.

In a post over on Google Groups, Ryan Sleevi says that the search engine has been investigating "a series of failures," by Symantec. By downgrading Chrome's level of trust in Symantec's certificates, the browser will effectively force the security company to re-issue newer certificates, faster. Otherwise, you'll not be able to visit websites with old, untrustworthy documentation without Chrome giving you plenty of warnings.

Google hopes that the move will force Symantec's researchers to do a better job of keeping its house in order. But this fight isn't a new one, and the two companies have a history of dust-ups, including Google calling out holes in Symantec's antivirus products that made them more open to attack. That was in retaliation to Symantec using fake security certificates to access Google-owned domains.

Symantec's response can be paraphrased down to gee man, don't be a narc, dude, saying that 127 improperly issued certificates caused "no consumer harm." In addition, it says that Google has turned a blind eye to other companies's failed practices to target Symantec. This fight is likely to persist with passive-aggressive sniping and other arguments, at least until everyone sits down over a table and makes up.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

View
Samsung's newest watches can now take ECG readings in the US

Samsung's newest watches can now take ECG readings in the US

View
Microsoft is holding Xbox Series X and S stock for launch day

Microsoft is holding Xbox Series X and S stock for launch day

View
'Among Us' developers cancel sequel plans, focus on their new/old smash hit

'Among Us' developers cancel sequel plans, focus on their new/old smash hit

View
The Morning After: Tesla's $25,000 EV, and its 200 MPH-capable Model S

The Morning After: Tesla's $25,000 EV, and its 200 MPH-capable Model S

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr