[tor-talk] MITM attack on TLS
Justin
davisjustin002 at gmail.com
Fri Nov 20 22:37:50 UTC 2015
Hello,
The IT department does not have access to my machine. Also, I have no option but to keep the cert because if I don’t the filter may use DPI to block TLS for me. Not sure if that will be happening, but it may be possible. When it comes to malware, if I think that the IT department is going after me, I will use Tails. That should certainly stop them.
> On Nov 20, 2015, at 4:33 PM, Ivan Markin <twim at riseup.net> wrote:
>
> Justin Davis:
>> Just to give more information, the
>> attack will be done by having every network user install a root cert
>> in our browsers.
>
> Be twice (or more) careful if someone have access to your computer in
> such way. They can even dump _anything_ that you're looking via Tor. For
> instance, they can sniff SOCKS5 TBB<->tor connection.
>
> In other case just delete malicious CA certs (if you have these
> permissions).
> --
> Ivan Markin
>
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
More information about the tor-talk
mailing list