If your corporate network uses MITM* to read all HTTPS traffic, is that network safe to use for connecting to your bank, email, etc?
- yes12.1%
- no54.5%
- what is MITM33.3%
33 votesFinal results
1
1
Conversation
Replying to
So it's basically taking your request and then using HTTPS to connect to the outside world? If that's the case, you're still depending on the fact that it was set up correctly and even then, who's to know what they're logging / recording. Much easier to just turn on your hot spot
1
Replying to
Specifically they are doing this- I visit github.com & the ssl cert is re-signed. It looks like they don't re-sign all certs, just some & the browser has to be the one installed by the org so that the orgs ssl cert is trusted
Quote Tweet
Replying to @patricktoomey and @vcsjones
Wow, I've never seen this before. IE says ssl cert is good, but has been replaced by something my employer's network. Chrome is also happy with this state of affairs.
1
2
Replying to
Yeah I wouldn't trust that -- especially if they didn't announce it.