Comments: How many SSL MITMs are there? Here's a number: 0.2% !!!

This makes no distinction between MITM _attacks_ and the use of MITM _proxies_ as a matter of network policy. The latter requires root CA certificates to be installed in browsers deliberately, and is only possible because the corporation with the proxy policy also owns the IT department and the computers that the employees use. It's not a security flaw that the IT department can set its own security policy.

If the employee brings in their own laptop, or iPhone, or whatever, then the corporate MITM proxy will not work as an "attack": it will pop up the typical SSL failure page, just as it is supposed to.

Posted by Andrew Cady at May 12, 2014 07:24 PM