阅读413 返回首页    go iPhone_iPad_Mac_apple

Fraudulent Apple Root Certificate on brand new ...

There's a certificate in my Keychain from Apple that is not matching the specifics that the Apple Public Key Infrastructure site specifies. Also half of Apple's root certificates still use SHA-1 which everyone and their grandmother should know is about as useless as a phonebook.

 

Can't add the .cer file that is available on Apple's website either.

 

When I first booted the computer and clicked require all (greyed out options) in preferences it said all of my certificates were not able to be verified, but the computer had never connected to the internet. Several minutes later, still before any internet access, it said all 169 certificates were valid.

 

Fake certificate:

What exactly is it that you are looking for? I don't see a question in your post (aside from the fear I can sense).

I'm looking for a solution.. I technically posted a "discussion," despite the Q: image that is added.

 

I wouldn't daytrade on those instincts..I'm pretty far from afraid. I've been dealing with hacked computers for almost a year now, so long over being afraid of anything. It's more shock at how reality and opinion on really how secure devices are.

 

I don't get why no one is interested in even looking into fake certificates (and a whole bunch of other problems) from a brand new OS. There's been no resolution and no help from Apple Care or this website for almost a year. Instead, I get attempts to prove me wrong (which no one has) and to please reverse engineer everything then present your findings single-spaced Chicago-Style. It's like everyone is afraid to say anything remotely critical.

 

Seems like the only reason for this could be if I am right then no one really has any idea how to help and would have to admit they're computer isn't magical, they're uninformed, and they don't have a solution--all understandably difficult things for anyone.

 

Fake certificate:Screen Shot 2017-09-15 at 10.00.25 PM.png

 

 

Apple's Root Certificates: Screen Shot 2017-09-15 at 9.55.25 PM.png

 

 

Clearly invalid Certificate Status and showing errors - fake "The certificate is valid" label: Screen Shot 2017-09-15 at 10.07.58 PM.png

Your "fake" root cert appears to be the last entry in the table of valid certifcates that you list.  The dates look a little differenent due to one system presenting the time as UTC and the other as PST...

最后更新:2017-09-16 16:34:29

  上一篇:go Cannot add/delete Mail accounts nor change/add/...
  下一篇:go Unknown phantom "Mobile Device" claims to be co...