A Brazilian CA trusted only by Microsoft has issued a certificate for google.com

This can used to intercept traffic to Google from Edge and other Windows applications (except Chrome and Firefox).

Good job M$ :clown_face:

2 Likes

Microsoft and breaking chain of trust is a match made in heaven. I still haven’t forgotten their “secure boot” debacle.

I have a feeling they don’t want as well this but were made for compliance.

Mozilla is the only certificate store that can be trusted.

They have rejected the sloppy CA (known in Japan as “GPKI”) operated by the Japanese government.
The Japanese government wielded its authority and demanded that Mozilla trust its root certificate, but Mozilla firmly refused. It was brilliant.
MS, on the other hand, blindly accepted the CA without scrutinizing its operating structure.

https://yumetodo.hateblo.jp/entry/2018/02/28/232939

1 Like

And this is a way of how your search querry(-ies) goes to MS so it can profile its ads, train its AI and do all the crazy stuff. Without you even realizing it OFC.

Well, this is, yet another, clear sign that both MS and Google are not to be trusted. Yet alone used.

1 Like