is my gmail being eavesdroped by local isp or government??

Discussion in 'privacy technology' started by mzbcracker, Oct 1, 2012.

Thread Status:
Not open for further replies.
  1. mzbcracker

    mzbcracker Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    13
    hi.
    i use latest version of opera.i go to gmail.com and i'm sure the address starts with https:// but opera tells that it's an insecure connection.then when
    i use vpn and my ip is changed then when i go to gmail.com every thing is okay and it tells me that it's a secure connection.
    is somebody like gov or my isp trying to eavesdrop my emailo_O
    i have attached the picture:
    http://s15.postimage.org/lg0hsh87v/image.png
    and also here:
    http://s15.postimage.org/b780mnk63/image.png
    what should i do?
    is somebody eavesdropping me?
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi & welcome to Wilders :)

    Has this just started happening ?

    Some HTTPS pages include portions which are only HTTP. Quite why they do that ? What do you see as you Actually log in ?

    It "should" be all HTTPS then.
     
  3. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Yeah I've gotten that too. I'd like a answer too.
     
  4. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Looking at the pictures it looks like a CRIME or BEAST attack scenario (google those two names). Gmail or Opera is using TLS 1.0 which is proven to be broken. It could also be an attack on the SHA1 or RSA authentication (RSA got hacked so this could be part of the problem, the keys are in the wild maybeo_O) part of the certificate.

    I'll research some more and get back to you. But if I would have to say, your getting Man In The Middle attacked.
     
  5. mzbcracker

    mzbcracker Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    13
    thanks.i'm looking forward to your answers.
    what should i do to prevent that?
    by the way when i connect to vpn and load gmail.com ,then opera says connection is secure and every thing is okay.and then when i disconnect vpn,then again opera says connection is secure and it's okay until i clear the opera cache.is it secure to disconnect vpn and use opera that way or it's insecure??
     
    Last edited: Oct 2, 2012
  6. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    For now just for safety i'd use only your VPN only to read your email. I doubt they can attack you while using a VPN, if it's encrypted like it should be you should be OK for now, do you know what type of encryption your VPN uses?

    I'd also consider changing browser or having a separate browser for reading mail.

    BTW what country are you located in?

    ALSO update your modems firmware please, and patch your system if you haven't already.
     
    Last edited: Oct 2, 2012
  7. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,088
    I don't know Opera, but judging from http://my.opera.com/community/forums/topic.dml?id=1482592 it seems as though you *might* simply be running into a mixed content issue. Regardless, you need to get to the bottom of *exactly* what "Insecure connection" and "The server attempted to apply security measures, but failed" could mean.

    By exploring the page and its content you may be able to identify something that is being loaded via HTTP. You could also sniff your network when loading the page, verifying that the destination hosts/addresses are appropriate for the gmail context and also looking for HTTP requests. Wireshark ;)
     
  8. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Same message on my PCs with Opera & Gmail [I've tried it on 2 different PCs from 2 different countries on Ubuntu & W7]. If I reload the page the security icon will become yellow for secure.

    I have a Gmail account only for testing, so, unless someone is that dumb to try to spy something I don't use, I think there's just another bug in Opera [not so unusuall for them, I think they are kings at this chapter].
     
  9. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Well mine was on Firefox so it's not just Opera. It could be a error but my gut says otherwise, when there is smoke there is usually fire...
     
  10. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    My Firefox & Chrome are saying that the connection is encrypted on gmail.

    Anyway. I made an "updgrade" to 12.10 and it seems Gmail is working fine in Opera. The connection is encrypted.
     
  11. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Yeah it's not everytime you log in to Gmal just every so often.
     
  12. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    More likely... by black hats. I've seen this as well on AIM's mail servers. The mail servers themselves are compromised, there's nothing you can do on your end (other than make sure you force encryption via a VPN, etc...).

    Also avoid going to the site by opening a bookmark... do a search and click on the link.

    And always take notice of if the connection is encrypted or not before you sign in. If it's not, try to reload the page or re-do the search until it is.

    I don't think it's a BEAST SSL crack, but rather a sophisticated redirect method. It even eludes NoScript.
     
  13. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Yeah it does elude Noscript. I think I can say I was being MiTM. Not sure what attack method is being used though. I'll do some digging.
     
  14. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    221
    This is Opera related.

    Re-install.

    Use another browser.

    Wait for an update that solves Opera's age old lookup problem.

    Get a better line (doubtful).
     
  15. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I've seen this happen on both IE & Firefox too, and am certain it could happen on any browser.
     
  16. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    It's not only Gmail, I've gotten waning's while visiting Reddit. I don't believe these are browser issues. Someone , somewhere is watching, and is up to naughty stuff.
     
  17. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    221
    Gmail uses TLS 1.1.

    Other browsers?? Missed that.

    Well, again, it could be mixed content or a redirection--what browser errors are we talking about now. Could also be your browser timing out due to latency. Perhaps, improperly maintained keys or file corruption. But this is a known Opera error, guys. One that was at least corrected by one person here already by re-installing (updating). I suggest you all at least try it. You are dealing with something that is delicate and has many variables.

    Or.

    It's the Illuminati elite doing a very bad job of intermittently cracking your Reddit on a global scale for the past 10 odd years (how long people have been complaining about Opera handshakes borking). :D :doubt:


    I like sleuth stuff too. But parsimony's a wicked wench.

    & not suggesting to just assume meaningless errors when seeing https warnings, but this all seems a bit much. If this is so wide spread, you'd see it hit Trusteer and Webroot etc which double checks certs and keys if someone hasn't examined this directly already.

    EDIT:
    Thought this story sort of relevant: ==http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10838484
     
  18. zitch

    zitch Guest

    I have never seen this happen with my Opera browser, I always check to see if the connection is secure before I log onto a site, will watch for it, I would not log in if I saw that, would run every scan I could think of, to try to find the culprit....:eek:
     
  19. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,293
    Location:
    England
Loading...
Thread Status:
Not open for further replies.