Hacker News new | past | comments | ask | show | jobs | submit login

It's a MITM attack so I'm guessing the traffic is no longer secure.



It is, but he's using IE so that isn't an issue.

Firefox provides it's own TLS root certificate store, while Chrome and IE inherit the system's.


It may be secure against outsiders (depending on what the MITM does with it) but is almost certainly being monitored by the employer.


Some of those 'security' platforms are pretty terrible.

I can't remember which vendor it was, but at least one of them was accepting invalid certificates, and re-encrypting the traffic with its own certificate chain. Completely hiding any errors that should have been visible to the end users.


I've noticed some popular Windows anti-virus software doing similar things recently. Trying to check one of our own (HTTPS/HSTS enabled) sites after a report from a customer suggested something might not be set up ideally, we looked at the certs showing on someone's laptop and it turned out their anti-virus had rewritten the whole thing anyway.

I understand why some scanning tools decrypt SSL traffic and effectively MITM their own system so they can do their job, but when this results in rewriting the chain of credentials to use some phantom authority that isn't who you originally thought you were talking to, that seems a significant downside.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: