[cryptography] Gogo inflight Internet uses fake SSL certs to MITM their users

John Levine johnl at iecc.com
Thu Jan 8 18:37:56 EST 2015


>It is what they are doing. I am an unhappy (for many reasons) regular (for many
>other reasons) Gogo customer, and noticed pretty quickly when they started doing
>it. I looked at their certs and it's an awful-user-experience way of blocking
>videos, and I strongly suspect that the rotten user experience is the intent.

Do the fake certs validate in web browsers?  If so, who's giving them fake
*.google.com certs?

R's,
John


More information about the cryptography mailing list