[cryptography] Gogo inflight Internet uses fake SSL certs to MITM their users
jon at callas.org
Thu Jan 8 18:35:06 EST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On Jan 6, 2015, at 5:22 PM, Seth <list at sysfu.com> wrote:
> On Tue, 06 Jan 2015 14:37:37 -0800, Nathan Dorfman <na at rtfm.net> wrote:
>> Gonna go out on a limb here and strongly suggest not trusting any
>> *.google.com certificate signed by these guys.
> Has anyone on the list had success running the Tor Browser Bundle over a Gogo in flight connection?
Pffft. A simple local VPN works just fine to get around their stuff. I'm very happy with the VPN I'm presently using. The clever person can figure out who it is from this email.
Well, I'll be. I am on a Gogo-enabled flight even as we squeak, and I just turned my VPN off to go get you one of their certs. They're letting me get to YouTube and Vimeo just fine now. I guess someone got some sense. It was pretty hamfisted and really just reminded me to turn on my VPN.
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.3.0 (Build 9060)
-----END PGP SIGNATURE-----
More information about the cryptography