Delivery-Date: Wed, 03 Dec 2014 10:51:10 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id B86D71E0332;
	Wed,  3 Dec 2014 10:51:08 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 41C0A2E211;
	Wed,  3 Dec 2014 15:51:03 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 429952848D
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 15:51:00 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id MhYjfm7MbOAa for <tor-talk@lists.torproject.org>;
 Wed,  3 Dec 2014 15:51:00 +0000 (UTC)
Received: from mail-ob0-x233.google.com (mail-ob0-x233.google.com
 [IPv6:2607:f8b0:4003:c01::233])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 20E8B214EB
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 15:51:00 +0000 (UTC)
Received: by mail-ob0-f179.google.com with SMTP id va2so1254055obc.24
 for <tor-talk@lists.torproject.org>; Wed, 03 Dec 2014 07:50:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=xY5u+vyZEE6dfuEi5OP2MWr41Gxorn/FrPN3Ad9m57M=;
 b=JoK4F8+irHS2cujj6H8Yi1YlgrVFnNyE27fHaWqVJzL8uPBMSrhTVFsuDksWUdSBub
 7Mt3PXUz2GOwvFloTD/RBDQk8ZnuDxBLH5VeKeIX1wWfb4sABimedld1fmdcEVZ5/HLU
 HpvRvKgZS+if6qlYwo2ZyOxyCksKytJGO/4Vs5qVkHDwNO1TxrvbYkrIAGHP8qwqgFax
 z7PfVaN7skPmBTuKjdf1EEv7RihOO3nRAjIAej9hfADJM0TO0UVlHLY7zIEr+XGonIV+
 7B8RtW0SkjuOzWvAGYq5Q67GWcxPrkcFkHWBjDb/EannMEhYLxF7gPa4KcCrz70QaKhi
 IM4g==
MIME-Version: 1.0
X-Received: by 10.182.121.129 with SMTP id lk1mr3482063obb.83.1417621857029;
 Wed, 03 Dec 2014 07:50:57 -0800 (PST)
Received: by 10.76.91.130 with HTTP; Wed, 3 Dec 2014 07:50:56 -0800 (PST)
Received: by 10.76.91.130 with HTTP; Wed, 3 Dec 2014 07:50:56 -0800 (PST)
In-Reply-To: <CAMCUc++ub8fF6tRp5tFJ+CEBMJNe17v93VNz-3=hOOV7PZTAxA@mail.gmail.com>
References: <CAMCUc++ub8fF6tRp5tFJ+CEBMJNe17v93VNz-3=hOOV7PZTAxA@mail.gmail.com>
Date: Wed, 3 Dec 2014 16:50:56 +0100
Message-ID: <CAJJJ=-wsvvzjUV0D_Td1tgJ-3gwsb9M7XR_Qoag9+edmtkBGhg@mail.gmail.com>
From: Akademika Aka <akademiker1@googlemail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] SSL Visibility Appliance
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

You need to install the sniffers CA certificate to allow them to break your
TLS connections or you need to hack a trusted CA to create some wildcard
ones (Comodo incident). Some software like Chrome also uses cert pinning,
so only a hardcoded cert is allowed. Afaik Tor uses hardcoded certs for the
dir authority and relay certs are signed by dir authority, so this
technology wouldn't be able to sniff Tor traffic, even if you voluntarly
install their CA on your machine.
On Dec 3, 2014 3:55 PM, "Dedalo Galdos" <seguridadblanca@gmail.com> wrote:

> Last saturday during my Tor Talk in a Security Barcamp someone asked me
> about this technology which I really don't have much information so I want
> to share the link in case someone in here has any experience with this. I
> heard some ISPs are using this in some countries to break into people's ssl
> connections.
>
> https://www.bluecoat.com/products/ssl-visibility-appliance
>
>
> Regards,
> Dedalo.
>
> --
> Scripter, Pentester N' Independent Security Researcher.
>
> Blog: Seguridad Blanca <http://blog.dedalo.in>
> Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

