I'm not sure that I'd concur that that result is a win. Getting Bluecoat customers on a Bluecoat sponsored browser would be a win.
You can't prevent patching a fixed version that the party who wants to do the patching has time to research and hack on. You can prevent reliably having a patched latest-version. Getting Bluecoat customers stuck on ancient vulnerable browser versions = win.
-
-
-
Sorry, "=win" was because I ran out of characters. :-) But the idea was that it makes the patching approach so costly (to their customers' security) that hopefully they'd decide to do something else instead (their own branded browser).
-
But even with their own branded browser, they'll be introducing all sorts of risks to their customers' and their customers' employees just by virtue of what they're doing. So it's not that big a difference. The only secure solution is not to MITM.
-
What's "secure" or not here is certainly up for debate, but the MITM thing really isn't. What could be controlled is the visibility of it and the imposition of its cost as appropriate. There are places that legit need it.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.