when i try to get into a website it tells me my connection is not private....is there a hacker?

Unfortunately there are too many variables here to provide you with. clear answer.

We will need a bit more information from you to be able to assist you:

• Do you have a 13" MacBook Air, running OS X 10.11 (El Capitan) as per your tagline? If so, is it running 10.11.6?
• Which web browser are you using when you see these "warnings?"
• Is the site that you are trying to connect to start with http or https for the address?
• Do you run any type of anti-virus software on your Mac?
• Do you run any type of cleaner app on your Mac?

To also assist you, I suggest that you run an EtreCheck report, and optionally, post it here if you need assistance in interpreting the results.

Ref: https://discussions.apple.com/docs/DOC-250000632

I don't know anything about downloading certificates and I'd rather not mess with that: but I tested the three test websites they provide. Safari/Mavericks rejects all three. Firefox (most recent version, it's still being updated for Mavericks) accepts the first, the current one, and brings up error web pages for the other two:

Chrome 67.0.3396.87 (out of date) reject only the third.

As far as I can see the issue is the failure of older versions of Safari to be kept up to date with certificates.

old usic Said:

"[...]blocking pop ups in browser. How do I do that?[...]"

-------

Blocking Popups:

1. Open: Safari
2. Go Here: Help Menu
3. Type: Block Pop
4. Screenshot 1: This Will Show Up
5. Select: the first Option
6. Proceed from these as mentioned in Screenshot 2

Screenshot 1

Help Menu of Safari:

-----

Screenshot 2

What is Shown:

Does the website's URL begin with http or https? If the former, it's simply a warning that the site is not providing an encrypted connection. If the latter, it may mean that the site's securiy certificate isn't up to date. In either case it's their problem, not yours. Many sites are still using http, i.e. not a secure connection, and this had been normal for years - but being not secured there's always the possibility of a problem (though it's not that common). I've seen this sort of thing occasionally - I go ahead but watching out for anything unusual. It's not likely to be anything to do with your end of the connection.

Here is what happens in Safari 9.1.3 (plus the drop-down when I click 'Show Certificate'):

However both Chrome and Firefox accept the certificate as valid. This means that Safari, though not the others, doesn't like the site's certificate - basically I think it doesn't recognize 'Let's Encrypt Authority'. So this is very likely a matter of Safari not being fully updated - I see you're using OSX 10.11 so that version of Safari may well not be up to date (as mine on OSX 10.9 isn't).

I should emphasize that this is nothing do do with pop-ups and that you have not been hacked: it's simply a matter of your copy of Safari not having been updated to recognize the certificate. Try it with Firefox and it should be OK - but there's no issue in visiting the site in Safari.

old music Said:

“[...]when I attempt to access a website, a note comes on saying the connection is not private and maybe impersonating[...]”

———-

Please Clarify: Is this a popup Message and does this “note” use the word “impersonating”?

Apple’s not going to use the word “impersonating” in a popup message — If that is a word on the message, then either it is built into the site, or it is security software.

So, whatever browser you are using, select to block popup messages. If it no longer pops up, then that would confirm it is part of the site (IOW: Authored into the HTML code).

Please post the EtreCheck data, as requested earlier.

One of the usual cause of these is apps that have been intentionally installed.

This isn't likely pop-ups.

Safari can and routinely show an impersonating message, usually form a certificate or DNS error.

(“This website may be impersonating “host name” to steal your personal or financial information”}

This also isn’t likely the sorts of hackers that you’re probably envisioning, either.

The certificate itself is valid in recent versions of iOS, and should work on macOS.

This might be an add-on app, an ad blocker, or maybe some malware that’s been installed.

The requested EtreCheck data will provide details on the hardware and software configuration, and can often help address this.

ps: If you’re concerned about scams and shlock and hackers? Back up. Upgrade. Better passwords. Two-factor. Etc.

Roger Wilmut1 wrote:

I don't know anything about downloading certificates ...

As far as I can see the issue is the failure of older versions of Safari to be kept up to date with certificates.

Safari uses the trusted root certs from the system keychain.

The root and potentially an intermediate certificate is missing here.

Later releases will have this root cert pre-loaded; pre-trusted.

Without the trusted root cert, the LetsEncrypt certs will be rejected by any apps using ye system interfaces.

Including Safari.

Which ties back to keeping the operating system current, too.

Which ties back to keeping the operating system current

Indeed, and I would if it didn't render several vital applications unusable and involve me in several hundred pounds to upgrade those vital applications which can be updated (not to mention knocking out the ability to fileshare from my laptop and by all reports inability to access a NAS). Such is progress.

See if this browser reports the same problem...

https://brave.com/

Roger, can you load and trust the root cert, and test this? (I don’t have an El Cap system handy.)

https://letsencrypt.org/certificates/