upvote

points

by r4indeer6 hours ago |
comments
upvoteby subscribed3 hours ago|
next
[-]
Not if someone can issue the certificate signed by the CA your phone trust.

Imagine being in a cafe nearby, say, embassy of the certain north African country known for pervasive and wide espionage actions, which decides to hijack traffic in this cafe.

Or imagine living in the country where almost all of the cabinet is literally (officially) being paid by the propaganda/lobbying body of such country.

Or living int he country where lawful surveillance can happen without the jury signoff, but at a while of any police officer.

Maybe its not common but frequent enough.

reply
upvoteby Gigachad20 minutes ago|
parent|
next
[-]
This is stopped by certificate transparency logs. Your software should refuse to accept a certificate which hasn’t been logged in the transparency logs, and if a rogue CA issues a fraudulent certificate, it will be detected.
reply
upvoteby layer83 hours ago|
parent|
prev|
next
[-]
> Imagine being in a cafe nearby, say, embassy of the certain north African country known for pervasive and wide espionage actions, which decides to hijack traffic in this cafe.

How would they get your phone to trust their CA? Connecting to a Wi-Fi network doesn’t change which CAs a device trusts.

reply
upvoteby Galanwe2 hours ago|
parent|
[-]
Because there is a quadrillion trusted CAs in every device you might use. A good chunk of these CAs have been compromised at one point or another, and rogue certificates are sold in the dark market. Also any goverment can coerce a domiciled CA to issue certs for their needs.
reply
upvoteby technion21 minutes ago|
parent|
next
[-]
If you go down this path you argue desktop browsing https is broken, which i dont think is a serious argument.
reply
upvoteby hvb22 hours ago|
parent|
prev|
[-]
That is a wild claim. I can't imagine that being correct given how that's been abused in the past

https://www.eff.org/deeplinks/2011/08/iranian-man-middle-att...

reply
upvoteby ceejayoz1 hours ago|
parent|
next
[-]
It's a pretty huge list.

https://support.apple.com/en-us/126047

The chances of zero of these CAs having been compromised by state-level actors seems… slim.

Do you trust "Hongkong Post Root CA 3" not to fuck with things?

Your link's from 2011; the US government was still in the trusted list until 2018. https://www.idmanagement.gov/implement/announcements/04_appl...

reply
upvoteby cookiengineer2 hours ago|
parent|
prev|
[-]
> That is a wild claim

China telecom regularly has BGP announcements that conflict with level3's ASNs.

Just as a hint in case you want to dig more into the topic, RIR data is publicly available, so you can verify yourself who the offenders are.

Also check out the Geedge leaked source code, which also implements TLS overrides and inspection on a country scale. A lot of countries are customers of Geedge's tech stack, especially in the Middle East.

Just sayin' it's more common than you're willing to acknowledge.

reply
upvoteby kevin_thibedeau2 hours ago|
parent|
prev|
[-]
Israel is not in Africa.
reply
upvoteby thegagne6 hours ago|
prev|
[-]
Not if you are part of an org that uses MDM and pushes their own CA to devices.
reply
upvoteby r4indeer6 hours ago|
parent|
[-]
Ok, fair point. However, I would consider any MDM-enabled device fully "compromised" in the sense that the org can see and modify everything I do on it.
reply
upvoteby p2detar5 hours ago|
parent|
[-]
An MDM orga cannot install a trusted CA on non-supervised (company owned) devices. By default on BYOD these are untrusted and require manual trust. It also cannot see everything on your device - certainly not your email, notes or files, or app data.
reply
upvoteby layer83 hours ago|
parent|
next
[-]
If it is untrusted, you also won’t have a TLS connection be established based on that CA.
reply