
Gogo Denies Using Fake Google Certificate to Spy on Passengers

Inflight Internet service provider Gogo has been caught using a fake Google SSL certificate, but the company says the certificate’s role is to prevent video streaming.

The fake certificate was spotted last week by Adrienne Porter Felt, a member of the Google Chrome security team, after she accessed a page that had YouTube in an iframe. The researcher posted a screenshot with the details of the fake certificate issued by Gogo on Twitter.

Web browsers warn users when such certificates are detected. However, if the warning is ignored, the Internet traffic can be intercepted through man-in-the-middle (MitM) attacks.

In response to Felt’s post, Anand Chari, executive vice president and chief technology officer of Gogo, said his company takes customer privacy seriously.

“Right now, Gogo is working on many ways to bring more bandwidth to an aircraft. Until then, we have stated that we don’t support various streaming video sites and utilize several techniques to limit/block video streaming. One of the recent off-the-shelf solutions that we use proxies secure video traffic to block it,” Chari stated on Monday. “Whatever technique we use to shape bandwidth, it impacts only some secure video streaming sites and does not affect general secure internet traffic. These techniques are used to assure that everyone who wants to access the Internet on a Gogo equipped plane will have a consistent browsing experience.”

“We can assure customers that no user information is being collected when any of these techniques are being used. They are simply ways of making sure all passengers who want to access the Internet in flight have a good experience,” Chari added.

Felt has noted that Chrome users couldn’t have bypassed the browser warning without utilizing an override mode that she leveraged for testing purposes. However, the expert pointed out that there are better ways to throttle streaming.

“Unfortunately, this is not a new risk and is pervasive across the Internet. It is increasingly difficult for both end users and businesses to understand if secure communications can be trusted. It’s best if business providers like Gogo don’t complicate the matter by creating more confusion and risk with what looks like malicious certificates that could be used to spoof and monitor private communications,” Kevin Bocek, VP of Security Strategy and Threat Intelligence at Venafi, told SecurityWeek.

“Last year, Facebook and Carnegie Mellon University found more than 6,000 forged certificates that represented Facebook, some of them were actively used by malicious software. Gartner’s conclusion that ‘certificates can no longer be blindly trusted’ from back in 2012 continues to play out in 2015. Not surprisingly, Intel expects the next major cybercriminal marketplace to be the sale of compromised digital certificates. Forged, compromised, and misused certificates and keys are a major threat that enterprises are only starting to grapple with. It’s clear, however, that bad guys know how to use them against us,” Bocek added.

The fact that Gogo is issuing fake SSL certificates might not be so alarming, but the company told the FCC in 2012 that it “worked closely with law enforcement to incorporate functionalities and protections that would serve public safety and national security interests.” Civil liberties groups criticized the company for helping the government track users’ online activities.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
