[cryptography] yet another certificate MITM attack

Jon Callas jon at callas.org
Fri Jan 11 14:42:49 EST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jan 10, 2013, at 4:47 PM, Peter Gutmann wrote:

> Jon Callas <jon at callas.org> writes:
> 
>> Others have said pretty much the same in this thread; this isn't an MITM 
>> attack, it's a proxy browsing service.
> 
> Exactly.  Cellular providers have been doing this for ages, it's hardly news.
> 
> (Well, OK, given how surprised people seem to be, perhaps it should be news in 
> order to make it more widely known :-).

Yes. I wouldn't use such a service, and it's why I installed Firefox and Chrome on my Fire. I'm not going use Silk. I admire the technology, but it's not for me.

	Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii

wj8DBQFQ8GtBsTedWZOD3gYRArZAAKDMS6s0vPmZ2Gfg3UHzurfDRoAecACfVmsz
BDhSNZIO/eXyi5wdJxOhFRw=
=534L
-----END PGP SIGNATURE-----



More information about the cryptography mailing list