French harmonics? ;) On Dec 8, 2013 7:35 AM, "Fabio Pietrosanti (naif)" <[email protected]> wrote:
> Hi, > > a very dirty fact happened yesterday that still didn't have the > appropriate attention. > > The French Government ANSSI made a MITM against Google SSL/TLS: > > http://googleonlinesecurity.blogspot.it/2013/12/further-improving-digital-certificate.html > > Google does not mention who's ANSSI. > > ANSSI is the French CyberSecurity agency, closely working with defense > and intelligence agencies: > http://www.ssi.gouv.fr/ > > ANSSI declare that they are generating fake-certificate for the purpose > to inspect SSL traffic: > "ANSSI has found that the intermediate CA certificate was used in a > commercial device, on a private network, to inspect encrypted traffic > with the knowledge of the users on that network. " > > Google Detected the MITM and Blocked it: > https://code.google.com/p/chromium/issues/detail?id=326787 > > ANSSI issued a statement that it was a "Human Error" from someone from > the Finance Ministry: > > http://www.ssi.gouv.fr/en/the-anssi/events/revocation-of-an-igc-a-branch-808.html > > So, the summary of the story can be read as follow: > "A French Governmental Agency working on cybersecure with defense and > intelligence agencies admitted that they are doing SSL MITM and that, > due to a human error, they have been caught" > > -- > Fabio Pietrosanti (naif) > HERMES - Center for Transparency and Digital Human Rights > http://logioshermes.org - http://globaleaks.org - http://tor2web.org > > -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator at > [email protected]. >
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
