Reply to post: "it'll be noticed by others."

Insecure web still too prevalent: Boffins unveil HSTS wall of shame

LDS Silver badge

"it'll be noticed by others."

No, if I were a government agency and I'm doing MITM for specific targets, I wouldn't do a blank replacement of certs for everybody - I would specifically target only the "people of interest" - exactly to avoid easy spotting.

Again, how many do check the chain of trust of a certificate? Pinning could help, but it has its disadvantages, and Chrome removed it, while MS never used it. And if badly implemented, it's still vulnerable:

https://www.schneier.com/blog/archives/2017/12/security_vulner_10.html


Biting the hand that feeds IT © 1998–2019