"No identity information" alert on gmail

Question

Am I being hacked?

Firefox is displaying this warning to me:

enter image description here

This site does not supply identity information.

Connection with this site is not totally safe because it contains unencrypted elements (such as images).

Permissions: open popup windows: allow.

Clicking on "more info", on the "security" tab it says

enter image description here

Site: mail.google.com

Owner: This site does not supply ownership information

Homologated by: unspecified

Clicking "show certificate" says there is a certificate, issued by "Google Internet Authority G2" on 04-06-2014 and valid until 01-09-2014.

This might be the cause, but that's 10 years of personal info we're talking about here, so I'd like to be really, really, really sure. — That Brazilian Guy, Jun 20 '14 at 14:54
This is my home computer. I have to try it from another computer in another OS on another network and see if it changes. — That Brazilian Guy, Jun 20 '14 at 15:07

score 2 · Accepted Answer · edited May 23 '17 at 11:33

Go here: https://grc.com/fingerprints.htm and put in mail.google.com

Then compare the fingerprint the server shows with the sha-1 fingerprint in your cert.

grc.com and my SSL cert both tell me 84:45:3A:42:E0:2D:3D:50:00:30:C1:2D:D3:2C:26:06:6F:78:AB:3D and a bunch of people in chat agree.

If yours matches, then it is mathematically impossible that someone is doing something nasty, unless they have a true quantum computer that can trivially factor large integers more efficiently than a digital computer (which, if true, would make Heartbleed look like an echo ha ha "virus"), or unless they actually used a vulnerability against Google's servers (fairly unlikely now that Heartbleed has blown over).

You can trust the connection is end to end to Google based on the manual and independent verification of the fingerprints.

However, I believe Gmail has mixed passive content which is the reason why Firefox doesn't consider it to provide "identity information". A full explanation is on Stack Overflow.

score 2 · Answer 2 · answered Jun 20 '14 at 19:57

What you're seeing is a "mixed content" warning: the connection to Gmail that's serving up the HTML of the web page is secure, but another connection involved (eg. a connection providing an image), possibly to a non-Gmail server, is not. This may or may not be an attack, and you can't tell simply by comparing certificate signatures.

score 0 · Answer 3 · answered Oct 23 '14 at 20:38

allquixotic is correct. With Google, one of the most common offenders is the Google Talk plugin [for providing mixed content]. So basically, my gmail window(s) with chat have the warning; my gmail window(s) without chat do not, but odds are you aren't being hacked :)

Rob

"No identity information" alert on gmail

3 Answers3