Forwarded from cRyPtHoN™ INFOSEC (EN)
Privacy International's data interception environment
This toolkit is built around a flaw that exists in the trust paradigm used extensively on the Internet. When secure connections are established such as HTTPS, the client checks against an internal store of "trust anchors" in its "trust store" known as certificate authorities (or CAs for short). CAs exist in most operating systems through a number of methods, predominantly commercial agreements. This toolkit introduces a CA that we add to the "trust store" (see steps 5 and 6 above) which allows us to intercept secure traffic in transit, because the client now trusts this CA in addition to the preconfigured ones.
https://github.com/privacyint/appdata-environment-desktop/blob/master/README.md#privacy-internationals-data-interception-environment
#privacy #tools #mitm
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
Kazakhstan's HTTPS Interception
This post describes our analysis of carrier-level HTTPS interception ordered by the government of Kazakhstan.
The Kazakhstan government recently began using a fake root CA to perform a man-in-the-middle (MitM) attack against HTTPS connections to websites including Facebook, Twitter, and Google. We have been tracking the attack, and in this post, we provide preliminary results from our ongoing research and new technical details about the Kazakh interception system.
👉🏼 Read more:
https://censoredplanet.org/kazakhstan
#kazakhstan #HTTPS #interception #websites #MitM #tracking #attack #research #analysis #facebook #twitter #google