T-Motion and its digital uncertificate

Admin cock-up

Mobile services firm T-Motion has a security certificate on in its Web site, which fails to work properly for three reasons.

Visitors to T-Motion's UK site who try to use the secure logon option get an alert which tells them:

  • The certificate expired on October 4 2001
  • The certificate was issued "to a company you have chosen not to trust"
  • The certificate only works with a different site anyway.

If you choose to accept the thrice invalid certificate
you can still connect to establish a secure connection with the site, as this is how digital certificates work. (This is an admin cock-up on T-Motion's part, rather than a security issue).

T-Motion is part of the Deutsche Telecom Group and is a major supplier of WAP services and ought to be able to sort out SSL certificates without making a hash of it. The company was informed politely about the problem one week ago by a Reg reader. ®

External links

FAQ about T-Motion

Related stories

Microsoft fails to renew its digital certificate
Symantec forgets to renew its digital certificate
F-In-Secure muddles up its digital certificate
Microsoft vexed by falsified certs
UK govt new encryption system only works with MS kit
German 3G ruling to increase corporate welfare clamour
One2One launches 'unmetered' mobile service

Sponsored: Today’s most dangerous security threats