LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

HTTPS interception in Nokia's mobile browser

HTTPS interception in Nokia's mobile browser

Posted Feb 1, 2013 14:33 UTC (Fri) by anselm (subscriber, #2796)
In reply to: HTTPS interception in Nokia's mobile browser by hummassa
Parent article: HTTPS interception in Nokia's mobile browser

Meaning a two-bit hacker can compromise any data in those laptops at any time he wants, and all the proxying/MITMing infrastructure is just security theatre...

Not if all the internet access from those machines goes through a VPN back to the company (and the proxying/MITM infrastructure) even if they are in the home or airport network.

(Log in to post comments)

HTTPS interception in Nokia's mobile browser

Posted Feb 1, 2013 21:08 UTC (Fri) by khim (subscriber, #9252) [Link]

Of course it does not do that! VPNs are often incompatible with weird airport/hotel setups. Sometimes "Internet access" means just "http proxy access" and if stuff does not work in this setting executives become quite angry.

HTTPS interception in Nokia's mobile browser

Posted Feb 1, 2013 21:53 UTC (Fri) by anselm (subscriber, #2796) [Link]

VPNs are often incompatible with weird airport/hotel setups.

Whatever. I travel rather a lot and have yet to find an airport/hotel setup that couldn't be made to work with our VPN. Running OpenVPN on TCP port 443 with the client in http-proxy mode helps. If all else fails then at least in-country there is always 3G which supports OpenVPN just fine, thank you very much.

HTTPS interception in Nokia's mobile browser

Posted Feb 2, 2013 13:38 UTC (Sat) by hummassa (subscriber, #307) [Link]

Once you connected to the airport network (usually unencrypted, at least for the handshakes), what makes you think he hacker fifty feet behind you can't see your Facebook cookies, poison one of your apps, or do something that makes him access the juicy bits on your local email folders? And if you think 1% of the executives is careful enough or knowledgeable enough to avoid those kinds of traps, even in post-SabOx world, I do have a bridge or two to sell you. Espionage is simple these days; if your data isn't locked, it is not just yours.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds