You're looking at Less Wrong's discussion board. This includes all posts, including those that haven't been promoted to the front page yet. For more information, see About Less Wrong.

Baughn comments on Open thread, Feb. 9 - Feb. 15, 2015 - Less Wrong Discussion

6 Post author: MrMind 09 February 2015 09:12AM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Article Navigation

Comments (321)

Tags: open_thread

Comments (321)

Sort By: Best

Show:

You are viewing a single comment's thread. Show more comments above.

Comment author: Douglas_Knight 12 February 2015 01:40:27AM 3 points [-]

Simply sniffing https packets is worthless. At most it tells you the length of the session. It's exactly the adversary that TLS is designed to foil. You need the session key to decrypt it, so, you need to hook into the TLS implementation.

Comment author: Baughn 13 February 2015 12:39:51AM * 1 point [-]

Or make your own CA, install that certificate in your browser and MITM the connection. Probably easier than changing your browser's code; can easily be done all on a single system.

Baughn comments on Open thread, Feb. 9 - Feb. 15, 2015 - Less Wrong Discussion

Article Navigation

Comments (321)

Nearest Meetups

Virtual Study Room

Recent Comments

Recent Posts

Recent Open Threads

Recent Rationality Diaries

Recent Wiki Edits

Top Contributors, 30 Days

Recent Karma Awards

Comments (321)

Top Contributors, 30 Days

You'll need to login or register to do that

(Don't worry, it only takes a few seconds)

Create

Login