[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] MITM attack on TLS
The IT department does not have access to my machine. Also, I have no option but to keep the cert because if I don’t the filter may use DPI to block TLS for me. Not sure if that will be happening, but it may be possible. When it comes to malware, if I think that the IT department is going after me, I will use Tails. That should certainly stop them.
> On Nov 20, 2015, at 4:33 PM, Ivan Markin <twim@xxxxxxxxxx> wrote:
> Justin Davis:
>> Just to give more information, the
>> attack will be done by having every network user install a root cert
>> in our browsers.
> Be twice (or more) careful if someone have access to your computer in
> such way. They can even dump _anything_ that you're looking via Tor. For
> instance, they can sniff SOCKS5 TBB<->tor connection.
> In other case just delete malicious CA certs (if you have these
> Ivan Markin
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to