Skip to main content

Search

Items tagged with: MITM


daniel, i respect and admire you for your considerate and respectful behavior, but would it be appropriate to point out the potential of unintended #mitm interception more clearly in this case?
i mean, the title could also have been "apple does not want you to notice when you are being wiretapped", or do i miss any other precaution they took for this not to happen?

also, i find it shocking that i don't find this shocking any more… 🤯

#mitm


@protonmail The problem is more like "fiddling with the contents" or doing anything in transit.

Cuz I do #E2EE the way it's meant to be done aka. #SelfCustody of #Keys and not some #MITM'ing "Appliance"...


Mitigating the Hetzner/Linode XMPP.ru MitM interception incident, part 2: XMPP-specific mitigations

https://www.devever.net/~hl/xmpp-incident-2

#xmpp #mitm #tls


#XSF Announcement

Recently there was an incident via a so called #man_in_the_middle attack happened to an #XMPP #server.

To reduce the risk of such attacks in the future an early stage service called CertWatch has been published by our Community: https://certwatch.xmpp.net/

Many thanks to Stephen P. Weber (@singpolyma)!

Read two related blog posts:
http://blog.jmp.chat/b/certwatch/certwatch

https://snikket.org/blog/on-the-jabber-ru-mitm/

#Jabber #mitm #security #vulnerability #machine_in_the_middle #chat


Detailed and credible looking report of #LawfulInterception #MitM on an #xmpp server hosted at #Hetzner in Germany: https://notes.valdikss.org.ru/jabber.ru-mitm/

Looks like a transparent bridge was deployed in front of the actual server, obtained dedicated certificates from #LetsEncrypt and MitMed all incoming client connections since July. It was discovered because the LE certificate expired 🤦