On Sun, Apr 16, 2023 at 4:52 PM Jeffrey Walton <noloa...@gmail.com> wrote: > > On Sun, Apr 16, 2023 at 3:06 PM Tim Woodall <debianu...@woodall.me.uk> wrote: > > > > On Sat, 15 Apr 2023, Greg Wooledge wrote: > > > > > Now, personally I don't feel this is a threat model that I need to > > > worry about. I just use plain old http sources at home, and if "They" > > > learn that I've downloaded rxvt-unicode and mutt, well, good for Them. > > > > The thread model I'm most concerned about is local stuff *exporting* > > data elsewhere. > > > > I do understand that there are people in some parts of the world that > > want to do things that they ought to be allowed to do but their > > repressive governments are preventing. HTTPS is a useful tool to make > > that repression harder - but doesn't actually make people safe - if > > doing something is illegal then it's still illegal even if it's harder > > for the authorities to detect it. > > > > But it's pretty much impossible nowadays to have a "safe" environment at > > home. Phones, TVs, almost everything, now tries to establish outgoing > > connections. > > > > ESNI, and DNSoHTTPS are on the way to making it almost impossible to > > keep tabs on this and restrict what is allowed to egress. > > > > The only redeeming point is that corporates *need* to do egress > > filtering - so at the moment the browsers cannot totally block it - and > > if they did try, there would be the financing to provide a browser that > > corporates could use that, at least, allowed SNI sniffing and regular > > DNS. > > Corporations don't need browser cooperation for Data Loss Prevention > (DLP) (but they already have it). Corporations just run an > interception proxy, like NetSkope. The NetScope Root CA is loaded into > every browser trust store. The application will terminate all traffic, > inspect it, and forward the request if it looks innocuous.
To be clear... The NetSkope Root CA is loaded into browsers for computers owned by the corporation. I.e., part of the corporation's standard image. The NetSkope Root CA is _not_part of Mozilla, Chrome, Edge, Opera, etc., trust store. (After re-reading, it sounded like I was stating the latter). Jeff > The W3C and Browsers have already decided "interception is a valid use > case." That boat has already sailed. The browsers claim authority > comes from Priority of Constituencies under the Web Design Principles. > I argued against it until I was blue in the face. Also see > https://www.w3.org/TR/html-design-principles/#priority-of-constituencies. > > The conspiracy runs even deeper. App developers cannot ask a WebSocket > for the certificate or public key used to setup the secure channel. If > an app/JavaScript could get the info, then it could determine the > connection was intercepted. The browsers don't want app authors > knowing that because "interception is a valid use case." So the W3C > and Browsers have baked interception into the model, and then > neutered/crippled the technologies to ensure the agenda is moved > forward. > > Jeff
