[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] SSL Visibility Appliance
Thanks for the answer, I was a little amazed by the demo videos.
Regards,
Dedalo.
2014-12-03 10:50 GMT-05:00 Akademika Aka <akademiker1@xxxxxxxxxxxxxx>:
> You need to install the sniffers CA certificate to allow them to break your
> TLS connections or you need to hack a trusted CA to create some wildcard
> ones (Comodo incident). Some software like Chrome also uses cert pinning,
> so only a hardcoded cert is allowed. Afaik Tor uses hardcoded certs for the
> dir authority and relay certs are signed by dir authority, so this
> technology wouldn't be able to sniff Tor traffic, even if you voluntarly
> install their CA on your machine.
> On Dec 3, 2014 3:55 PM, "Dedalo Galdos" <seguridadblanca@xxxxxxxxx> wrote:
>
> > Last saturday during my Tor Talk in a Security Barcamp someone asked me
> > about this technology which I really don't have much information so I
> want
> > to share the link in case someone in here has any experience with this. I
> > heard some ISPs are using this in some countries to break into people's
> ssl
> > connections.
> >
> > https://www.bluecoat.com/products/ssl-visibility-appliance
> >
> >
> > Regards,
> > Dedalo.
> >
> > --
> > Scripter, Pentester N' Independent Security Researcher.
> >
> > Blog: Seguridad Blanca <http://blog.dedalo.in>
> > Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
> > --
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
--
Scripter, Pentester N' Independent Security Researcher.
Blog: Seguridad Blanca <http://blog.dedalo.in>
Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk