What is this?

Discussion of general issues, not related to a specific Mac or iDevice operating system.
Post Reply
jest2dogs
Forum Member - Level 3
Forum Member - Level 3
Posts: 179
Joined: Tue Apr 26, 2011 11:06 pm

What is this?

Post by jest2dogs » Fri Dec 09, 2016 11:24 am

I often get this notice concerning this particular "website" as listed in the notice whenever I go to say, The New York Times site or other news site. Today I got it when I went to "marinetraffic.com".

Is this some sort of bug, or trojan horse?

When I have typed the supposed address into the address bar it goes nowhere. If I tap on the circular arrow to "repeat" the request, the address disappears.

If it is a bug or trojan horse, how do I get rid of it?
Attachments
Screen Shot 2016-12-06 at 2.00.48 PM.png
What is this?
Screen Shot 2016-12-06 at 2.00.48 PM.png (105.83 KiB) Viewed 4882 times

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3107
Joined: Thu Apr 07, 2011 10:09 am

Re: What is this?

Post by Stephen Hart » Sat Dec 10, 2016 10:11 am

I use the New York Times site often and have never seen this notice. Are you using some kind of shortcut to get to the Times, or the plain, vanilla URL?
http://www.nytimes.com/

Sometimes such a message means that the site need to update its certificate. I've seen it occasionally on other sites.

Generally, it's a good idea to only use the most straightforward URLs. Especially these days when fake news sites are trying to come up with URLs that are nearly like the real ones.

https://en.wikipedia.org/wiki/List_of_f ... s_websites
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

jest2dogs
Forum Member - Level 3
Forum Member - Level 3
Posts: 179
Joined: Tue Apr 26, 2011 11:06 pm

Re: What is this?

Post by jest2dogs » Sat Dec 10, 2016 1:18 pm

I get "breaking news" alerts from The NY Times that show up on all my devices. (I have The NY Times app on my iPad). But now this certificate warning showed up yesterday when I went to marine traffic.com and, just now, I got a similar alert when I went to the British news site for an article from The Guardian. The aforementioned certification alert has been showing up for months.

I contacted Olypen and they could not duplicate the certificate alert and they said their site was clean. They offered to research it further if I want. They suggested I make sure my computer time/date is correct as that may trigger such an alert. My time/date is just fine, thank you.

My mind is telling me that I may have inadvertently triggered a "cookie" or some kind of a bug when I clicked on a sidebar article on some news page or the like. (Sorry, I do not know how to clean out, or otherwise edit "cookies", though I have come across that option somewhere in the preferences. I suffer from "CRS" :0)

BTW, that other issue I had with Mail, where I could not edit in "Draft" , but then, miraculously all was better? Well, the issue has returned! Me thinks a bug.

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3107
Joined: Thu Apr 07, 2011 10:09 am

Re: What is this?

Post by Stephen Hart » Sat Dec 10, 2016 2:36 pm

I guess it's possible that a request is going to another site and triggering the alert when you visit certain legitimate ones.

Here's how to check on cookies, through it may not be easy to know what you want to delete:

Safari > Preferences > Privacy > Cookies and website data > Manage Website Data...
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3107
Joined: Thu Apr 07, 2011 10:09 am

Re: What is this?

Post by Stephen Hart » Sat Dec 10, 2016 2:46 pm

Googling "Safari can't verify the identity of the website" turns up pages of answers to this exact question, going back years. You might check a few of those out.
http://osxdaily.com/2014/03/26/fix-safa ... ite-error/

Here's an answer from Stony Brook University computer science, which sounds trustworthy:
https://www.cs.stonybrook.edu/about-us/ ... urityError
Safari 3.x

When this happen with Safari, you will get an error message like " safari can't verify the identity of the website "..cs.sunysb.edu"

This is normal and in order to continue you can just click on "Show Certificate" which will show an another window basically asking you to trust the certificate. At this point, you can do the following:

Check the "Always Trust ..." checkbox.
(Optional) Expand "Trust" and "Details" and verify that it says "Always Trust" in the Trust section.
Click "Continue".
If prompted, login with your local username and password and click "OK".
There have been reports of Safari hanging after making this change so if this happens just "Force Quit" and you should be fine after that. This is a one time fix. Adding the security exception will eliminate the error for future browsing.
I've also seen the answer to reset date and time in System Preferences. Some say to uncheck set automatically, wait a while, then recheck it.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3107
Joined: Thu Apr 07, 2011 10:09 am

Re: What is this?

Post by Stephen Hart » Sat Dec 10, 2016 2:59 pm

This Apple discussion recommends Malwarebytes https://www.malwarebytes.com/mac/
https://discussions.apple.com/thread/77 ... 0&tstart=0
I've read about this app previously, from several sources, so I think it's safe.

If you want another site that seems very unlikely to contain bogus information, try the U.S. Army Medical Research and Materiel Command:

http://mrmc.amedd.army.mil/index.cfm?pageid=ssl

Like others, they say to
1. Click Show Certificate
2. Check to confirm that (1) the "Common Name (CN)" matches the site you're attempting to reach, and (2) that the certificate expiration date hasn't passed.
3. Proceed, which will create a certificate and should permanently take care of the problem for that site.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

jest2dogs
Forum Member - Level 3
Forum Member - Level 3
Posts: 179
Joined: Tue Apr 26, 2011 11:06 pm

Re: What is this?

Post by jest2dogs » Sat Dec 10, 2016 4:23 pm

The common name on the alert is shown as "*doto.mi.com".
That does not at all match "marinetraffic.com" nor "nytimes.com".
Also, when certificate is showing I cannot get off that tab until I clear the certificate alert from the screen. That is, if Safari is up with several tabs (other sites), I cannot move between them if the "alert" is showing on one of the tabs.
Attachments
Screen Shot 2016-12-10 at 4.19.24 PM.png
Screen Shot 2016-12-10 at 4.19.24 PM.png (1.52 MiB) Viewed 4866 times

jest2dogs
Forum Member - Level 3
Forum Member - Level 3
Posts: 179
Joined: Tue Apr 26, 2011 11:06 pm

Re: What is this?

Post by jest2dogs » Sat Dec 10, 2016 4:36 pm

I just deleted the cookie for"doto.mi.com" in Safari preferences.

When I reconnected to marinetraffic.com the alert immediately reappeared. That site seems to be the trigger site this week as the "alert" has appeared many times before, unrelated to the marine site.

I should add that when the "alert" appears, clicking on the "cancel" button, rather than the "continue" or "show certificate" buttons, closes the alert and I then have full access to the site.

And I have utilized the malware program and restarted my computer. Thanks. Let's see what happens and when.

-Jesse

Post Reply

Who is online

Users browsing this forum: No registered users and 3 guests