nanog mailing list archives
Re: HTTPS redirects to HTTP for monitoring
From: Ca By <cb.list6 () gmail com>
Date: Sun, 18 Jan 2015 10:29:05 -0800
On Sunday, January 18, 2015, John Levine <johnl () iecc com> wrote:
So your idea is to block every HTTPS website?From my point of view, it is better than violate user privacy & safety. Sneaky is evil.I expect your users would fire you when they found you'd blocked access to Google.
And they would sue you for gross negligence for decrypting their ssn when access company payroll and cpni data
These boxes that violate end to end encryption are a great place forhackers to steal the bank and identity info of everyone in yourcompany. Since the end user machines are generally running Windows, why would bad guys waste time on a much harder and more obscure target?
Who said the mitm box was not running windows ? That said, a properly admin'd win7 box is about as secure as any other end station in my opinion. Yea, win2k and xp were a pain, msft has come a long long way. The same cannot be said for Adobe or Java. CB
Current thread:
- HTTPS redirects to HTTP for monitoring Grant Ridder (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring kendrick eastes (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Andy Brezinsky (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Tim Franklin (Jan 20)
- Re: HTTPS redirects to HTTP for monitoring William Herrin (Jan 20)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Ammar Zuberi (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring nanog (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John R. Levine (Jan 18)
- Message not available
- Re: HTTPS redirects to HTTP for monitoring Larry Sheldon (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ammar Zuberi (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring William Waites (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Kelly Setzer (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Matt Palmer (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Damian Menscher (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Geoffrey Keating (Jan 18)