Is your employer, school, or Internet provider eavesdropping on your secure connections?

By +Warwagon
in Smart Home, Network & Security

 Share

Are you being eavesdropped on?  

8 members have voted

  1. 1. Are you being eavesdropped on?

    • Yes : School
      0
    • Yes : Work
      1
    • Yes : ISP
      1
    • Yes : Other
      1
    • No : School
      0
    • No : Work
      2
    • No : ISP
      2
    • No: Other
      1

Recommended Posts

Mentor

snaphat (Myles Landwehr) Member

Posted
  • Member
Posted

This is just probably going to be another: no-one is being eavesdropped on thing since it requires the attacker to install forged certs and put a bit of effort in. Unless your computer is locked down and not managed by you, it's unlikely that you wouldn't eventually notice since using anything that didn't trust the forged cert would instantly warn you that something was wrong.

Link to comment
Share on other sites
Grand Master

TPreston

Posted
Posted

^ It can be done without any warnings in the browser, All you need is an enterprise ca and a https proxy like tmg

Link to comment
Share on other sites
Grand Master

+LogicalApex MVC

Posted
  • MVC
Posted

I don't see how this can be extrapolated to the ISP level... This tool seems to be attempting to scare people more than needed.

 

^ It can be done without any warnings in the browser, All you need is an enterprise ca and a https proxy like tmg

Wouldn't this still require the Enterprise CA to be added to the browsers list of trusted root stores?

 

I mean if SSL was trivially susceptible to MITM attacks we wouldn't be relying on it...

Link to comment
Share on other sites
Grand Master

TPreston

Posted
Posted

Yeah it needs to be in their trusted root sore (automatically done if its a ad cert services enterprise ca)

Link to comment
Share on other sites
Grand Master

+LogicalApex MVC

Posted
  • MVC
Posted

Yeah it needs to be in their trusted root sore (automatically done if its a ad cert services enterprise ca)

Yeah, but if you're in an AD environment why would you assume that any of the communications are private? Using a work computer is the same as using a public computer... You shouldn't expect that there isn't someone listening in on the system as you have no idea what is running on it. It could have a keylogger buried in a rootkit... Skipping the whole MITM SSL issues altogether...

Link to comment
Share on other sites
Mentor

snaphat (Myles Landwehr) Member

Posted
  • Member
Posted

Wouldn't this still require the Enterprise CA to be added to the browsers list of trusted root stores?

 

I mean if SSL was trivially susceptible to MITM attacks we wouldn't be relying on it...

Yup, that was entirely the point :laugh:, it'd be something likely discovered if you had any unmanaged computers on the network for that reason

 

 

Yeah, but if you're in an AD environment why would you assume that any of the communications are private? Using a work computer is the same as using a public computer... You shouldn't expect that there isn't someone listening in on the system as you have no idea what is running on it. It could have a keylogger buried in a rootkit... Skipping the whole MITM SSL issues altogether...

 

Or a remote viewer for snooping (I know for a fact a few of the national labs do this). Hardily need to forge certs ;-)

Link to comment
Share on other sites
Grand Master

Torolol

Posted
Posted

its still possible to do MITM if the CA was compromised.

for example in 2001 VeriSign (CA) did issuing TWO fraudulent "Microsoft" certificates,

which prompt Microsoft to add those certificates into Untrusted Publisher category in IE certificates list.

Link to comment
Share on other sites
Grand Master

Praetor

Posted
Posted

Yup, that was entirely the point :laugh:, it'd be something likely discovered if you had any unmanaged computers on the network for that reason

 

 
 

Or a remote viewer for snooping (I know for a fact a few of the national labs do this). Hardily need to forge certs ;-)

 

the quickest way for anyone on a domain to know if their communications are being eavesdropped is to surf a bunch of transsexual, one-handed, lesbian, big boobs midget pron and notice if the administration or the IT guys start viewing you in a "different" way; if yes then you are being observed. :laugh: :rofl:

  • snaphat (Myles Landwehr)
  • Like 1
Link to comment
Share on other sites
Mentor

snaphat (Myles Landwehr) Member

Posted
  • Member
Posted

the quickest way for anyone on a domain to know if their communications are being eavesdropped is to surf a bunch of transsexual, one-handed, lesbian, big boobs midget pron and notice if the administration or the IT guys start viewing you in a "different" way; if yes then you are being observed. :laugh: :rofl:

From what I heard, people would search for c-string a lot and end up with something they weren't looking for...  :cool:

Link to comment
Share on other sites
Grand Master

Praetor

Posted
Posted

From what I heard, people would search for c-string a lot and end up with something they weren't looking for...  :cool:

 

once i was searching in Google for "beaches" so i could setup my wallpaper... it didn't end well (safe search didn't exist back then). :laugh:

  • snaphat (Myles Landwehr)
  • Like 1
Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.