I think the difference is in controlling the brand and by doing so allowing the end-user to discern a visible difference. "This is real Chrome and when I'm in this, it's not cooperating with the boss spying." "This is the work browser that I have to use so that they see."
That doesn't make it any less fraudulent. You could sign a release saying you don't care if I forge other people's signatures on checks I give you, but it's still fraud for me to forge those people's signatures.
-
-
Rich... come on

-
I concur. Would that real privacy could exist even at work, but that's not life and there are employers who only reluctantly deploy this stuff because they're legally required to. I'm not debating validity of corporate MITM. It's valid and needed.
-
Where I think there's room for improvement is that I don't believe there's any good reason for any of Chrome's product decisions to be based on not inconveniencing that segment.
-
Where did you get this "invoncenicing" from? The problem is we don't want them in our address space, because they will get it wrong and make things worse and less discoverable for users! Explain how a user finds out if chrome.exe is being hooked, is that easier or harder than CA?
-
Do you think you can safely inject a DLL and hook chrome? I don't think you can, it's really hard. I think you probably can set up a corporate CA. I don't think you should, but if I have to pick one - I pick the latter.
-
Concur. But where I think this hypothetical hook comes into play is when Bluecoat customers can't log in using a WebAuthn token because of the MITM + a token binding requirement for the auth from the server side.
-
My belief is that this shouldn't discourage token binding or similar anti MITM techniques which offer realistic security benefit just because they may make the MITM vendors desperate. Just ensure that forking their own browser is easier for them than patching yours.
-
I'll also point out that it seems some of the techniques I've described aren't so far afield from functionality already in Chrome: the Unwanted Software scanning already looks for improper Chrome mods... How is scanning for prospective MITM mods different?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.