Security Warnings and the Boy Who Cried “Wolf!”

A friend of mine forwarded a link to a winery whose Cabernet we had shared at a party earlier this week. She wanted to let us check out the full selection of wines the company produced. One person on the email list immediately replied that Chrome blocked her from going to the site because the site was dangerous.

When I tried the link, my computer’s security program, BitDefender, declared a security alert and blocked me, too.

Eeek! Danger!!?

I went to the security program’s console and read the details of the alert:

Bitdefender Suspicious Connection warning

Oh!

BitDefender didn’t really find specific evil on the destination site. Rather, the site’s certificate had a mismatch in the name of the website and the name of the site the certificate was issued for.

Huh?

Well, certificates are issued by third parties and attest to the genuineness of a website. The certificate also allows a secure, encrypted connection between the website and the user at home.

Firefox Potential Security Risk Warning

These benefits are important if you ever enter sensitive information on a form on the site. You want to make sure that someone who monitors random internet traffic cannot see your credit card information or eavesdrop on your communication. Moreover, the certificate issuer attests to the realness of the website, and scammers supposedly cannot get certificates for fly-by-night sites that you might accidently encounter if you follow links you see or get sent in phishing emails.

There are all sorts of real benefits that come from knowing that your browsing is secure. — Google has many articles describing the benefits of using a secure connection with a certificate.

However! 

Some anti-virus programs and browsers often declare a major security emergency for genuine, phishing-free pages when either:

  1. The site’s security certificate is expired.
    You’re supposed to pay a third party every year to say that you’re a real person. If you don’t pay, the certificate expires and Chrome has a fit.
  2. The link you followed for some reason started off https://…. when the site never applied or was issued a security certificate.
    The trailing “s” means that the site is secure and has a security certificate. If the site never bothered to get a security certificate, Chrome has a fit.
    Just retype the link as http://… Without the “s”, and Chrome should mellow!
  3. The name of the website differs from the name of the site in the certificate. This what happened for today’s link to the winery.
    I generally tell the security program to ignore the mismatch and show me the pages. If I was scrolling for sleazy reasons or looking to buy something, I would probably go away from the potential danger. But, if I find the grape leaves and vineyard pictures, I am not going to worry.

Basically, you should check the details of the warning that Firefox, Chrome or whoever is giving.

  • If it’s for an “expired certificate” I personally ignore the warning and go anyway.
  • If the warning is for a missing certificate, I just retype the link without the “s”.
  • If the certificate was issued for another name, I am cautious, but usually proceed. Sometimes a web design company gets a certificate in their name instead of their client’s name, or other innocuous mismatches occur.

I would hesitate to enter my credit card in a site the browser complains about because the browser won’t establish a secure connection to a site it doesn’t like. But, I am usually comfortable checking out a site with a faulty certificate and I am completely okay looking at a site that never applied for a security certificate.

There are real problems on the Internet with real bad guys trying to trick you. But, too often the warnings about certificates remind me a little boy crying, “Wolf!”