zlacker

[return to "BlueCoat and other proxies hang up during TLS 1.3"]
1. shthed+wN[view] [source] 2017-02-28 13:10:51
>>codero+(OP)
I wish Chrome wouldn't show a site as 'Secure' if it can tell that the connection is being MITM'd
◧◩
2. jeroen+Hc1[view] [source] 2017-02-28 16:40:09
>>shthed+wN
This is a good point. Google has added functionality so that user installed certificates bypass all certificate pinning utilities, so users using these tools are less protected. However, there is no indication of the network being monitored once the certificate has been installed.

On Android every time a user-installed certificate authority is used a warning is shown. Furthermore, the user is forced to set a lock screen the moment you install a certificate.

If Google can push this (frankly user unfriendly) UI through, why not change "Secure" into "Monitored" in Google Chrome? The green padlock is a lie and the truth is exposed only after inspecting the certificate using the web developer tools.

[go to top]