On 2019-09-10 05:09 PM, Giles Orr via talk wrote: > Decrypting and re-encrypting network traffic is becoming more and more > popular. I think it's an appalling violation of both trust and > privacy, but corporations seem to feel justified to "protect their > network" (it's not necessary to explain the logic to me, I get it ... > I'm just more about individual rights). Or maybe they're just doing > it to mine your data, depending on the context. > > There seem to be two circumstances (this is just about web traffic): > - a private computer on a shared network, ex. you take your personal > computer to a coffeeshop > - a company computer on a company network, ex. you sit down at your > work computer > > I think I understand the latter: with a company computer on a company > network, all that's necessary is to push a trusted certificate and all > future communications will be done with that newly trusted cert and, > well, you're hosed. Everything you send is examined and re-encrypted > with the receiving site's certificate at the company firewall. Can > this be detected? Can this be prevented? > > It seems that some shared networks (ie. the coffeeshop in the above > examples) manage to do this to people: is this only possible if they > convince you to install something, and presumably that install package > includes a certificate? Or is there another way? >
I'm not sure where you're going with this. For example the coffee shop, it's long been recommended people use a VPN to prevent eavesdropping and hacking. Is this what you're referring to? Why is that a problem? I've never heard of a coffee shop forcing you to install something. I have, however, come across some restaurants, where you have to register and then get hit with ads etc. I won't use those ones. As for company equipment on a company network, well that's entirely the company's business. --- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
