Delivery-Date: Wed, 03 Dec 2014 11:04:36 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 404281E0332;
	Wed,  3 Dec 2014 11:04:35 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 2D8363124B;
	Wed,  3 Dec 2014 16:04:31 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 6D55D304BC
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 16:04:28 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id ZwLgPSsW4Wq5 for <tor-talk@lists.torproject.org>;
 Wed,  3 Dec 2014 16:04:28 +0000 (UTC)
Received: from mail-qa0-x231.google.com (mail-qa0-x231.google.com
 [IPv6:2607:f8b0:400d:c00::231])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 3C36B21420
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 16:04:28 +0000 (UTC)
Received: by mail-qa0-f49.google.com with SMTP id s7so10435114qap.22
 for <tor-talk@lists.torproject.org>; Wed, 03 Dec 2014 08:04:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=nIS/SpUGN/4AFC4uChmhlpoh5OCGlvmwiCjffpWg8wA=;
 b=gi6fnuUqNIPYrMyIqYEG0jJMDxpjXscDEtZg4VvzsZN1mlUV5cpngVwQ4oG2Lfuz9D
 W1fv/CrQ8811ZyhYtVEBhfF/fxqfTfQV2xif/zJhovF1sfE6VdMDqxRO5D1fgiRTsFF3
 9sQ3Vl1FTqUhfVjcVRHNXprWOl4VNvgTkFRGF03o+oLA1qeI5MEme0D9tN30bChpRbVv
 lcO2zZ37B4EiwT7p7lxZr5k7xTE7UaiRbCM6nW48E1ZWLCdY9i+WgNn8mA7uFsQNgTrm
 GudmcUHKgN9SNqDXviwPD+81xSDMKuD7jEqczWMMuSfjUkewRLqDEyuSasXp3iIQDpPr
 iXeg==
MIME-Version: 1.0
X-Received: by 10.229.104.3 with SMTP id m3mr9083974qco.0.1417622665585; Wed,
 03 Dec 2014 08:04:25 -0800 (PST)
Received: by 10.140.216.135 with HTTP; Wed, 3 Dec 2014 08:04:25 -0800 (PST)
In-Reply-To: <CAJJJ=-wsvvzjUV0D_Td1tgJ-3gwsb9M7XR_Qoag9+edmtkBGhg@mail.gmail.com>
References: <CAMCUc++ub8fF6tRp5tFJ+CEBMJNe17v93VNz-3=hOOV7PZTAxA@mail.gmail.com>
 <CAJJJ=-wsvvzjUV0D_Td1tgJ-3gwsb9M7XR_Qoag9+edmtkBGhg@mail.gmail.com>
Date: Wed, 3 Dec 2014 11:04:25 -0500
Message-ID: <CAMCUc+K-TMkbE-f2Ajq+C65K85VUniy6ev5-Q=GGFebgB1mqmQ@mail.gmail.com>
From: Dedalo Galdos <seguridadblanca@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] SSL Visibility Appliance
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Thanks for the answer, I was a little amazed by the demo videos.


Regards,
Dedalo.

2014-12-03 10:50 GMT-05:00 Akademika Aka <akademiker1@googlemail.com>:

> You need to install the sniffers CA certificate to allow them to break your
> TLS connections or you need to hack a trusted CA to create some wildcard
> ones (Comodo incident). Some software like Chrome also uses cert pinning,
> so only a hardcoded cert is allowed. Afaik Tor uses hardcoded certs for the
> dir authority and relay certs are signed by dir authority, so this
> technology wouldn't be able to sniff Tor traffic, even if you voluntarly
> install their CA on your machine.
> On Dec 3, 2014 3:55 PM, "Dedalo Galdos" <seguridadblanca@gmail.com> wrote:
>
> > Last saturday during my Tor Talk in a Security Barcamp someone asked me
> > about this technology which I really don't have much information so I
> want
> > to share the link in case someone in here has any experience with this. I
> > heard some ISPs are using this in some countries to break into people's
> ssl
> > connections.
> >
> > https://www.bluecoat.com/products/ssl-visibility-appliance
> >
> >
> > Regards,
> > Dedalo.
> >
> > --
> > Scripter, Pentester N' Independent Security Researcher.
> >
> > Blog: Seguridad Blanca <http://blog.dedalo.in>
> > Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Scripter, Pentester N' Independent Security Researcher.

Blog: Seguridad Blanca <http://blog.dedalo.in>
Twitter: @SeguridadBlanca <http://www.twitter.com/SeguridadBlanca>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

