[conspire] Comodo-signed bogosity (was: DigiNotar Damage Disclosure)

Rick Moen rick at linuxmafia.com
Thu Sep 8 23:12:53 PDT 2011

Quoting Ehud Kaldor (ehud.kaldor at gmail.com):

> I have another explanation that might work, which I have experienced:
> My work place does that. I noticed a few months ago, when FF started
> complaining about mismatch in cert, that although it is a cert for the given
> site, the issuer is... my work place. I figured this is probably some
> corporation protection spying thingie, which allows the interceptor gateway
> to read my encrypted communication. And one thing I don't want is
> corporation IT to be able to see my banking transmissions or even my
> searches. So, don't use these sites at work.

Yes, Web proxying of https (a rather twisted thing to do) can account for it
in some cases.  And I absolutely concur:  That would be exactly the sort
of environment where you would want to avoid entirely doing anything
over the Internet connection that you didn't want spied on.

(There are always ways to tunnel your traffic out over other protocols
in a cryptographically covered fashion.  However, if they really are
determined to spy on employees, circumventing that spying can lead to a
permanent unpaid vacation.)

