[liberationtech] French Government doing SSL MITM

Shava Nerad shava23 at gmail.com
Sun Dec 8 04:37:03 PST 2013


French harmonics? ;)
On Dec 8, 2013 7:35 AM, "Fabio Pietrosanti (naif)" <lists at infosecurity.ch>
wrote:

> Hi,
>
> a very dirty fact happened yesterday that still hasn't received the
> appropriate attention.
>
> The French Government ANSSI made a MITM against Google SSL/TLS:
>
> http://googleonlinesecurity.blogspot.it/2013/12/further-improving-digital-certificate.html
>
> Google does not mention who ANSSI is.
>
> ANSSI is the French CyberSecurity agency, closely working with defense
> and intelligence agencies:
> http://www.ssi.gouv.fr/
>
> ANSSI declares that they are generating fake certificates for the purpose
> of inspecting SSL traffic:
> "ANSSI has found that the intermediate CA certificate was used in a
> commercial device, on a private network, to inspect encrypted traffic
> with the knowledge of the users on that network."
>
> Google Detected the MITM and Blocked it:
> https://code.google.com/p/chromium/issues/detail?id=326787
>
> ANSSI issued a statement that it was a "Human Error" from someone from
> the Finance Ministry:
>
> http://www.ssi.gouv.fr/en/the-anssi/events/revocation-of-an-igc-a-branch-808.html
>
> So, the summary of the story can be read as follows:
> "A French Governmental Agency working on cybersecurity with defense and
> intelligence agencies admitted that they are doing SSL MITM and that,
> due to a human error, they have been caught"
>
> --
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - http://globaleaks.org - http://tor2web.org
>