[liberationtech] Update - Parabon - Locksmith
Seth Schoen
schoen at eff.org
Sun Aug 25 16:39:03 PDT 2013
aduchesne writes:
> After a bit of further digging, Locksmith is a program to decrypt SSL.
>
> SSL LOCKSMITH
>
> http://www.scribd.com/doc/162984271/SSL-Locksmith
>
> How LOCKSMITH SSL MITM Admin in house attack actually works: (Encrypted PDF)
>
> http://ad-misc.s3.amazonaws.com/aduc12_cyber-security_08_product-unveiling-ssl-locksmith.pdf
According to these slides the target needs to install the MITM certificate
authority in their browser (see page 14). This is exactly the same design as
_many_ intercepting proxy firewalls.
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the liberationtech
mailing list