3 دیدگاه برای “نصب VPN ریشه برگ گواهی شما بیشتر “vulnerable.txt” دو snooping”

  1. The VPNs that install their own root CAs are generally the ones that are for corporate businesses, not privacy VPN services.

    For example, a corporate VPN called Bluecoat (I think they are owned by Symantec now?) is pretty common that uses this technique. This allows the Bluecoat device to become a man-in-the-middle and decrypt ALL information that passes through this device so that it can scan all of the inbound and outbound data for threats like viruses. This involves stripping SSL encryption tunnels, (analyzing the data) and applying their own encryption using via SSL using their trusted CA certificate.

    In the corporate world, this functionality can be good because it allows the network to further trust the devices that connect to it through the VPN.

    In the privacy world, this is a worst case scenario, as it allows the VPN to see everything, including SSL-encryption on HTTPS websites.

  2. I don’t see any certs installed in my browser by either of the commercial normal-user VPNs I use.

    But this brings up some interesting questions:

    – Do the certs installed under “Servers” reveal some of your browsing history ? If you have a cert for “weirdsexualstuff.com”, that means you’ve visited that site. I assume there’s no downside to deleting those certs, even deleting ALL of them.

    – Under “Authorities”, I see a couple of certs from China, and one from DigiNotar (see https://en.wikipedia.org/wiki/DigiNotar). I assume it’s a good idea to delete those. Still plenty of certs from other authorities, such as Verisign.

    [Edit:]

    – Will any of the browsers report “hey, a new certificate was installed since last time the browser was running” ? I think they should.

دیدگاه‌ها بسته شده‌اند.