google privacy error - HSTS?

I am trying to get to the bottom of this error that I get (it seems) like once a day.  

What is HSTS?

Here is a screenshot:

google privacy error
Tom KnowltonWeb developerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DarinTCHSenior CyberSecurity EngineerCommented:
so this has actually been around for 5-6 but has recently been gaining traction
it has also been renamed as HTTP Strict Transport Security
a secure version of HTTP
which serves to thwart man in the mddle attacks

the HSTS informs the browser that this should be connected to as a secure site either http over ssl or tls
Tom KnowltonWeb developerAuthor Commented:
the HSTS informs the browser that this should be connected to as a secure site either http over ssl or tls

And in my case -- is failing to do so?  Can I fix this?
DarinTCHSenior CyberSecurity EngineerCommented:
yes you can install the certificate for said site into your PC -- into trusted certs
....caveat - usually works -
still having occasional issues - especially with firefox
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Tom KnowltonWeb developerAuthor Commented:
Still looking at this.
Tom KnowltonWeb developerAuthor Commented:
I don't see how to make the certificates "trusted"
DarinTCHSenior CyberSecurity EngineerCommented:
which browser

IE is tools - internet options-trusted sites
and the certificate is on content - certificates - then import

the problem is the browser is now maintin a list of what should be a cert and which is trusted so it folks some security measures and legitimately blocks things like man-in-the-middle
Tom KnowltonWeb developerAuthor Commented:
All my troubles are in Chrome.
Oleksiy GaydaCommented:
You must have some extension in Chrome that hijacks HTTPS traffic to inspect it for advertising purposes. See that * "subject" on the bottom of the screenshot - you are going to but the certificate being used for it is issued to (which is actually a domain for "Ghostery Enterprises", formerly Evidon, a very well-known marketing analytics provider. Remove any Chrome extensions that you don't trust (especially any extensions associated with Betrad or Ghostery) and your browser will stop exhibiting MITM attack behaviors that Google's HSTS mechanisms are detecting and alerting on.

If removing all Chrome extensions doesn't work, you might have some other spyware installed on your computer (likely came along with some freeware game or utility). You should be able to get rid of those by running a scan with Malwarebytes.
DarinTCHSenior CyberSecurity EngineerCommented:
so again it is usually cert related

in this case deeper inspection seems to indicate an expired or shady cert was used - related to DigiCert

lots of sites that use them will be affected

1 - update all cert if possible
2 - delete expired certs

3 is this a mac
saw this before from other site
 when an old, apparently quasi-wide spread certificate expired.

Based on

Instructions for clearing expired DigiCert SSL certificate on OSX

Launching Keychain Access via Spotlight
Type "Keychain Access"
Hit return
Ensure expired certificates are shown; enable "Show Expired Certificates" in the "View" menu.
Search for "Digicert".
Right-click the certificate with a red X and select "Delete DigiCert High Assurance EV Root CA"
The certificate may not look removed until Keychain Access is restarted
Restart your browsers
You should once again be able to access the affected sites.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tom KnowltonWeb developerAuthor Commented:
I've removed all of my extensions, and it still happens.  For example in Google Docs if i try to edit a document the pop-up window gets hijacked by an advertisement.

When I go to settings / extensions in Chrome:

extensions remvoed
Tom KnowltonWeb developerAuthor Commented:
Scanning with malware bytes 2 detected objects so far:

malware scan so far
Tom KnowltonWeb developerAuthor Commented:
It's a PC, not a Mac.
Tom KnowltonWeb developerAuthor Commented:
Here is one that popped-up during the Malwarebytes scan:

Oleksiy GaydaCommented:
That last one is definitely a virus, most likely some crypto ransomware variant - don't click OK (sometimes triggering uninstallation processes on spyware will kick off their "deadman's hand" process of getting something else nasty to install).

The Malwarebytes scan is finding spyware as suspected: Multiplug and Yula Ads. Make sure you run Malwarebytes scan a couple of times and let it delete/clean whatever it finds.

You should also have an antivirus running on your system - there are a lot of free ones, like Avast or even the Microsoft Security Essentials. Although antiviruses don't always find and delete PUPs (potentially unwanted programs - term used for adware and spyware), so you should use something like Malwarebytes or AdAware to periodically scan for those.

Run a couple Malwarebytes scans, maybe reboot between them to make sure it can delete any "undeletable" objects. Make sure you have an antivirus. Be careful when installing freeware and run Malwarebytes scans every month or so. That should keep you clean of spyware going forward.

Good luck!

P.S. Don't worry, Mac users are starting to get these too, now that they're more popular and pose a more profitable target for the bad guys :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Google Chrome OS

From novice to tech pro — start learning today.