To anyone considering MITM certs, even for AV, etc.: By doing this, you are completely disabling the browser's ability to detect forgery.
Replying to @RichFelker
@RichFelker To play devil's advocate, what's stopping MITM box from doing forgery checking, cert pinning, or anything else browser w/ do?
Replying to @matolucina
@matolucina Even if they were competent and willing to, there's no way to present results to the user & keep up with latest browser behavior
Replying to @RichFelker
@matolucina And with pinning there would likely be timing leaks that reveal what sites you've been to, even in porn mode...
@matolucina ...because the MITM proxy has no way to know whether the browser is in porn mode or not, and no interest in assisting anyway.
2:08 PM - 23 Nov 2015