HTTPS redirects to HTTP for monitoring
cb.list6 at gmail.com
Sun Jan 18 18:29:05 UTC 2015
On Sunday, January 18, 2015, John Levine <johnl at iecc.com> wrote:
> >> So your idea is to block every HTTPS website?
> >From my point of view, it is better than violate user privacy & safety.
> >Sneaky is evil.
> I expect your users would fire you when they found you'd blocked access to
And they would sue you for gross negligence for decrypting their ssn when
access company payroll and cpni data
>>> These boxes that violate end to end encryption are a great place for
> >>> hackers to steal the bank and identity info of everyone in your
> Since the end user machines are generally running Windows, why would bad
> waste time on a much harder and more obscure target?
Who said the mitm box was not running windows ?
That said, a properly admin'd win7 box is about as secure as any other end
station in my opinion. Yea, win2k and xp were a pain, msft has come a long
The same cannot be said for Adobe or Java.
More information about the NANOG