Great Firewall architects fingered for GitHub attack
The Chinese computer scientists who helped build the country’s infamous Great Firewall may have been responsible for a man-in-the-middle attack on users of GitHub after they were named and shamed on the social code sharing site. This is the theory put forward by GreatFire.org, a not-for-profit organisation which monitors and …
This topic is closed for new posts.
The future of SSL
How long before it is mandated that every browser in China has a trusted root certificate that is controlled by the ruling party.
There would then be no indication of a MITM attack and it wouldn't prove a visible annoyance to most users.
Every SSL packet could then be DPI'd.
Re: The future of SSL
> There would then be no indication of a MITM attack
I don't see this. The browser checks the chain that the remote server presents. And if you want an SSL connection, that chain has to check out.
Re: The future of SSL
If you control the trusted certificate root server you have ability to create any certs you want.
if you have some control over "your" browser
I would like to be able to tie https sites to specific certificates in my browser. Then I wouldnt have to check the certificate every time I visited the site to be sure that one of the zillion other root certs installed in my browser wasnt being used. eg I should be able to tell my browser to only say https hsbc is valid if it is signed verisign not any other root cert like neverheardofthem.com. i couldnt get firefox addins to do that on all platforms. any tips?
This topic is closed for new posts.
