Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Very simple way I know that not many people know:

Download a cert from offending Google servers, and blacklist it in Android.

The TLS library on the Android will then block it



This is a neat trick; thanks for pointing it out.

Just keep in mind that Google may have a sizable pool of certificates in use across their various servers, and they may rotate them on whatever schedule they like. Keeping up could become a chore.


An option: block the root cert




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: