You need to install the sniffers CA certificate to allow them to break your TLS connections or you need to hack a trusted CA to create some wildcard ones (Comodo incident). Some software like Chrome also uses cert pinning, so only a hardcoded cert is allowed. Afaik Tor uses hardcoded certs for the dir authority and relay certs are signed by dir authority, so this technology wouldn't be able to sniff Tor traffic, even if you voluntarly install their CA on your machine. On Dec 3, 2014 3:55 PM, "Dedalo Galdos" <seguridadbla...@gmail.com> wrote:
> Last saturday during my Tor Talk in a Security Barcamp someone asked me > about this technology which I really don't have much information so I want > to share the link in case someone in here has any experience with this. I > heard some ISPs are using this in some countries to break into people's ssl > connections. > > https://www.bluecoat.com/products/ssl-visibility-appliance > > > Regards, > Dedalo. > > -- > Scripter, Pentester N' Independent Security Researcher. > > Blog: Seguridad Blanca <http://blog.dedalo.in> > Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca> > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
