The original issue dates back two years ago, when a serious security issue was discovered effecting all Norton and Symantec products which allowed an attacker to easily infect your Windows kernel without any user interaction. Following that revelation were a round of firings at Symantec which were intended to reassure customers and security experts which were somewhat successful, until earlier this year. In January it was discovered that Symantec provided digital certificates to verify the authenticity of several questionable sites, including ones never authorized by ICANN. This has been enough for Google; Chrome will no longer trust older Symantec certs in version 66 and will not trust any as of version 70. The Inquirer provides a full timeline here.
"The decision to remove Symantec certificates came as a result of the discovery of a dodgy certificate in 2015, leading to a fuller investigation that brought forward more issues with security at the beginning of this year."
Here is some more Tech News from around the web:
- Optical quantum memory shrinks to the nanoscale @ Nanotechweb
- WD Gold offers 12TB of storage aimed at the data centre @ The Inquirer
- Chatbot Lets You Sue Equifax For Up To $25,000 Without a Lawyer @ Slashdot
- What's a storage burrito, you ask? Why all the newsy tidbits chopped, cooked and wrapped up @ The Register