[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] SSL Visibility Appliance

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] SSL Visibility Appliance
From: Akademika Aka <akademiker1@xxxxxxxxxxxxxx>
Date: Wed, 3 Dec 2014 16:50:56 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 03 Dec 2014 10:51:10 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=xY5u+vyZEE6dfuEi5OP2MWr41Gxorn/FrPN3Ad9m57M=; b=JoK4F8+irHS2cujj6H8Yi1YlgrVFnNyE27fHaWqVJzL8uPBMSrhTVFsuDksWUdSBub 7Mt3PXUz2GOwvFloTD/RBDQk8ZnuDxBLH5VeKeIX1wWfb4sABimedld1fmdcEVZ5/HLU HpvRvKgZS+if6qlYwo2ZyOxyCksKytJGO/4Vs5qVkHDwNO1TxrvbYkrIAGHP8qwqgFax z7PfVaN7skPmBTuKjdf1EEv7RihOO3nRAjIAej9hfADJM0TO0UVlHLY7zIEr+XGonIV+ 7B8RtW0SkjuOzWvAGYq5Q67GWcxPrkcFkHWBjDb/EannMEhYLxF7gPa4KcCrz70QaKhi IM4g==
In-reply-to: <CAMCUc++ub8fF6tRp5tFJ+CEBMJNe17v93VNz-3=hOOV7PZTAxA@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAMCUc++ub8fF6tRp5tFJ+CEBMJNe17v93VNz-3=hOOV7PZTAxA@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

You need to install the sniffers CA certificate to allow them to break your
TLS connections or you need to hack a trusted CA to create some wildcard
ones (Comodo incident). Some software like Chrome also uses cert pinning,
so only a hardcoded cert is allowed. Afaik Tor uses hardcoded certs for the
dir authority and relay certs are signed by dir authority, so this
technology wouldn't be able to sniff Tor traffic, even if you voluntarly
install their CA on your machine.
On Dec 3, 2014 3:55 PM, "Dedalo Galdos" <seguridadblanca@xxxxxxxxx> wrote:

> Last saturday during my Tor Talk in a Security Barcamp someone asked me
> about this technology which I really don't have much information so I want
> to share the link in case someone in here has any experience with this. I
> heard some ISPs are using this in some countries to break into people's ssl
> connections.
>
> https://www.bluecoat.com/products/ssl-visibility-appliance
>
>
> Regards,
> Dedalo.
>
> --
> Scripter, Pentester N' Independent Security Researcher.
>
> Blog: Seguridad Blanca <http://blog.dedalo.in>
> Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] SSL Visibility Appliance
  - From: Dedalo Galdos

References:
- [tor-talk] SSL Visibility Appliance
  - From: Dedalo Galdos

Prev by Author: Re: [tor-talk] tor setup on wt3020h with openwrt problem
Next by Author: Re: [tor-talk] (Slur.io) running over Tor
Previous by thread: [tor-talk] SSL Visibility Appliance
Next by thread: Re: [tor-talk] SSL Visibility Appliance
Index(es):
- Author
- Thread