[tor-talk] MITM attack on TLS

Justin davisjustin002 at gmail.com
Fri Nov 20 22:37:50 UTC 2015


Hello,
The IT department does not have access to my machine.  Also, I have no option but to keep the cert because if I don’t the filter may use DPI to block TLS for me.  Not sure if that will be happening, but it may be possible.  When it comes to malware, if I think that the IT department is going after me, I will use Tails.  That should certainly stop them.

> On Nov 20, 2015, at 4:33 PM, Ivan Markin <twim at riseup.net> wrote:
> 
> Justin Davis:
>> Just to give more information, the
>> attack will be done by having every network user install a root cert
>> in our browsers.
> 
> Be twice (or more) careful if someone have access to your computer in
> such way. They can even dump _anything_ that you're looking via Tor. For
> instance, they can sniff SOCKS5 TBB<->tor connection.
> 
> In other case just delete malicious CA certs (if you have these
> permissions).
> -- 
> Ivan Markin
> 
> -- 
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk



More information about the tor-talk mailing list