Lot of viable attacks still out in the wild. Why are my keystrokes public information? Why was my last Google account (and voice phone number) stolen? Keep it up. And give me back my phone number. Jerks.
My neighbor is a hacker,hacked my wifi and changed the password. Now i have a wired router hope im ok now? He will not stop, i feel bad for my neighbors.
When will the 80% bug be fixed, when I go to some websites they are broken up and I have to zoom down to 80%. Or is here an html fix for these websites to fix the problem?
My entire company cannot connect to google website including Gmail, google, docs, etc with the error NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM after the upgrade. Thanks a lot Google, now I have to migrate everyone to Firefox
NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM same as probably just about everyone now. Same thing happened in 56 until they fixed it. Thanks Google. Chrome is now unusable.
Note: If you're encountering ERR_CERT_WEAK_SIGNATURE_ALGORITHM, it's likely that the site you're trying to access, or your enterprise, is using the insecure SHA-1 algorithm.
Chrome has been working to remove SHA-1 over several years, similar to Apple, Microsoft, and Mozilla. Chrome 56 disables this insecure algorithm by default for public sites, and Chrome 57 disables this by default for enterprise sites.
If you are an enterprise user and affected by this, please direct your IT team to https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html , which we've been communicating to Enterprises since Chrome 54 as the necessary flag - EnableSha1ForLocalAnchors - to avoid any risk such as what's being reported.
If you're not an enterprise user, and encountering this on public websites, the website operator needs to replace their certificate.
This phase out has been going on since November 2013, and Chrome 56 represents the completion of this. For the past year and a half, warnings have been shown regarding these certificates, to help site operators and enterprises be prepared.
For people that doesn't know yet, chrome 57 removed the plugin page on purpose. Apparently it has been moved to chrome://settings/content , you still have the ability to turn plugins off/on but finding the specific plugin might be out of reach.
No Loi. That does not pull up the same box. This is a bad move by Google in my opinion. If you want to have that option pulled then have it in the settings where it can be locked down by an administrator.
One other note: If you end up seeing ERR_CERT_WEAK_SIGNATURE_ALGORITHM on sites such as Google, Facebook, etc - and you're not using a machine provided by your employer - then it may be a sign that you have either an insecure antivirus product and/or malware on your machine, both of which can negatively impact the security of your connections. These sites do not use SHA-1, and thus any errors encountered are likely caused by local software interfering with your computer's security.
Filing bugs at https://crbug.com/new can help identify which products may be undermining your computer's security. https://dev.chromium.org/for-testers/providing-network-details has steps on the information to include in the bug report.
Follow
21 comments :
Lot of viable attacks still out in the wild. Why are my keystrokes public information? Why was my last Google account (and voice phone number) stolen? Keep it up. And give me back my phone number. Jerks.
How can we disable the Welcome Sign In Screen in Chrome 57?
Any known Master_preferences settings do not work anymore
My neighbor is a hacker,hacked my wifi and changed the password. Now i have a wired router hope im ok now? He will not stop, i feel bad for my neighbors.
When is it getting built with GTK3 instead of old GTK2?
When will it support Wayland?
What about wayland support? thanks.
Startcom SSL Certificates are with this Google Chrome version not trusted any more (also Certs that were issued before Oct 2016).
chrome://plugins
realy?
WTF?!
Waw :v
Yes, Chrome Plugins are missing with this version.
https://helpx.adobe.com/flash-player/kb/enabling-flash-player-chrome.html
When will the 80% bug be fixed, when I go to some websites they are broken up and I have to zoom down to 80%. Or is here an html fix for these websites to fix the problem?
My entire company cannot connect to google website including Gmail, google, docs, etc with the error
NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM after the upgrade. Thanks a lot Google, now I have to migrate everyone to Firefox
I am facing the same error reported by WmuleW. NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM. I cant use chrome in my company anymore.
WmuleW or Anderson,
could any of you please report a bug under crbug.com for issue you're facing "NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM "?
Thank you,
Krishna
NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM same as probably just about everyone now. Same thing happened in 56 until they fixed it. Thanks Google. Chrome is now unusable.
Note: If you're encountering ERR_CERT_WEAK_SIGNATURE_ALGORITHM, it's likely that the site you're trying to access, or your enterprise, is using the insecure SHA-1 algorithm.
Chrome has been working to remove SHA-1 over several years, similar to Apple, Microsoft, and Mozilla. Chrome 56 disables this insecure algorithm by default for public sites, and Chrome 57 disables this by default for enterprise sites.
If you are an enterprise user and affected by this, please direct your IT team to https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html , which we've been communicating to Enterprises since Chrome 54 as the necessary flag - EnableSha1ForLocalAnchors - to avoid any risk such as what's being reported.
If you're not an enterprise user, and encountering this on public websites, the website operator needs to replace their certificate.
This phase out has been going on since November 2013, and Chrome 56 represents the completion of this. For the past year and a half, warnings have been shown regarding these certificates, to help site operators and enterprises be prepared.
For people that doesn't know yet, chrome 57 removed the plugin page on purpose. Apparently it has been moved to chrome://settings/content , you still have the ability to turn plugins off/on but finding the specific plugin might be out of reach.
No Loi. That does not pull up the same box. This is a bad move by Google in my opinion. If you want to have that option pulled then have it in the settings where it can be locked down by an administrator.
One other note: If you end up seeing ERR_CERT_WEAK_SIGNATURE_ALGORITHM on sites such as Google, Facebook, etc - and you're not using a machine provided by your employer - then it may be a sign that you have either an insecure antivirus product and/or malware on your machine, both of which can negatively impact the security of your connections. These sites do not use SHA-1, and thus any errors encountered are likely caused by local software interfering with your computer's security.
Filing bugs at https://crbug.com/new can help identify which products may be undermining your computer's security. https://dev.chromium.org/for-testers/providing-network-details has steps on the information to include in the bug report.
Post a Comment