[cryptography] Gogo inflight Internet uses fake SSL certs to MITM their users

Nathan Dorfman na at rtfm.net
Tue Jan 6 17:37:37 EST 2015


On Tue, Jan 6, 2015 at 11:34 AM, shawn wilson <ag4ve.us at gmail.com> wrote:
> You can smartly limit resolution in squid - I don't trust this is what
> they were doing, but you could provide a better experience like this.

This may be just barely worth mentioning, but still: Gogo was, less
than a year ago, was boasting that they go out of their way to provide
law enforcement with information beyond what the law requires. E.g.:
http://www.wired.com/2014/04/gogo-collaboration-feds/

Gonna go out on a limb here and strongly suggest not trusting any
*.google.com certificate signed by these guys.


More information about the cryptography mailing list