Conversation:

Notices

1. Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Thursday, 19-Feb-2015 07:56:10 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca

   Remote profile options...
   MITM cert software is all too common. There's a whole ecosystem of vendors selling MITM "solutions" to corporations. And since nobody ever checks the cert details when they're browsing with https, nobody realizes they've been compromised. Never do your banking from your employer's computer! The whole hierarchical PKI of certs, CAs and browsers is completely broken. !surveillance !security
   1. Joshua Judson Rosen (rozzin)'s status on Saturday, 21-Feb-2015 17:40:02 EST Joshua Judson Rosen

      Remote profile options...
      I've heard corporate IT types say "the fundamental underlying problem" with #endtoend !security is that it's secure end-to-end: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-3/123_security.html
   2. lnxw48 (Linux Walt) (lnxw48)'s status on Thursday, 19-Feb-2015 12:42:36 EST lnxw48 (Linux Walt)

      Remote profile options...
      @der @bobjonkman Not just your employer's computer. I used to get catalogs of MITM appliances sent to me at work. The vendors were targeting chains of #coffee shops and eateries that offered #WiFi access. I suspect you're being MITM'd every time you use Internet at a hotel, too.
      1. Joshua Judson Rosen (rozzin)'s status on Saturday, 21-Feb-2015 17:43:38 EST Joshua Judson Rosen

         Remote profile options...
         @lnxw48, that's #disturbing. What's the rationale for coffee-shops #MITM'ing their clientele, anyway?
         1. lnxw48 (Linux Walt) (lnxw48)'s status on Saturday, 21-Feb-2015 17:45:44 EST lnxw48 (Linux Walt)

            Remote profile options...
            @rozzin The vendors' main argument was legal compliance.