• r00ty@kbin.life
    1 month ago

    What if I told you, businesses routinely do this to their own machines in order to make a deliberate MitM attack to log what their employees do?

    In this case, it’d be a really targeted attack to break into their locally hosted server, to steal the CA key, and also install a forced VPN/reroute in order to service up MitM attacks or similar. And to what end? Maybe if you’re a billionaire, I’d suggest not doing this. Otherwise, I’d wonder why you’d (as in the average user) be the target of someone that would need to spend a lot of time and money doing the reconnaissance needed to break in to do anything bad.

    • BestBouclettes@jlai.lu
      1 month ago

      I’m talking about home hosting and private keys. Not businesses with people whose full-time job is to make sure everything runs fine.
      I’m a nobody and I regularly have people/bots testing my router. I’m not monitoring my whole setup yet and if someone gets in I would probably not notice until it’s too late.
      So hosting my own CA is a hassle and a security risk I’m not willing to put work into.

    • Findmysec@infosec.pub
      1 month ago

      Ah, you mean they put the cert in a transparent proxy which logs all traffic? Neat idea, I should try it at home