On Sunday, January 18, 2015, John Levine <jo...@iecc.com> wrote: > >> So your idea is to block every HTTPS website? > >From my point of view, it is better than violate user privacy & safety. > > > >Sneaky is evil. > > I expect your users would fire you when they found you'd blocked access to > Google. > > And they would sue you for gross negligence for decrypting their ssn when access company payroll and cpni data
>>> These boxes that violate end to end encryption are a great place for > >>> hackers to steal the bank and identity info of everyone in your > company. > > Since the end user machines are generally running Windows, why would bad > guys > waste time on a much harder and more obscure target? > > Who said the mitm box was not running windows ? That said, a properly admin'd win7 box is about as secure as any other end station in my opinion. Yea, win2k and xp were a pain, msft has come a long long way. The same cannot be said for Adobe or Java. CB