<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (jm)</title>
    <link>https://pinboard.in/u:jm/public/</link>
    <description>recent bookmarks from jm</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://twitter.com/haxrob/status/1772766039199363375"/>
	<rdf:li rdf:resource="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320"/>
	<rdf:li rdf:resource="https://www.scrapingbee.com/blog/charles-proxy/"/>
	<rdf:li rdf:resource="https://seancoates.com/blogs/how-i-helped-fix-canadas-covid-alert-app"/>
	<rdf:li rdf:resource="https://www.schneier.com/blog/archives/2015/08/using_samsungs_.html"/>
	<rdf:li rdf:resource="https://github.com/h2non/toxy#latency"/>
	<rdf:li rdf:resource="http://marcrogers.org/2015/02/19/will-the-madness-never-end-komodia-ssl-certificates-are-everywhere/"/>
	<rdf:li rdf:resource="http://www.theverge.com/2015/2/19/8069127/superfish-password-certificate-cracked-lenovo"/>
	<rdf:li rdf:resource="http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/"/>
	<rdf:li rdf:resource="http://www.renesys.com/2013/11/mitm-internet-hijacking/"/>
	<rdf:li rdf:resource="http://blog.ivanristic.com/2013/08/defending-against-the-breach-attack.html"/>
	<rdf:li rdf:resource="http://www.dnsleaktest.com/what-is-transparent-dns-proxy.php"/>
	<rdf:li rdf:resource="http://danteslab-eng.blogspot.ie/2012/04/mig-in-middle.html"/>
	<rdf:li rdf:resource="http://www.imperialviolet.org/2011/05/04/pinning.html"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://twitter.com/haxrob/status/1772766039199363375">
    <title>Deep dive into Facebook's MITM hacking of customer phones</title>
    <dc:date>2024-03-28T10:06:10+00:00</dc:date>
    <link>https://twitter.com/haxrob/status/1772766039199363375</link>
    <dc:creator>jm</dc:creator><description><![CDATA[This is frankly disgusting, and I hope FB (and their engineers) get the book thrown at them.

Back in 2019, Facebook wanted to snoop on SnapChat, YouTube and Amazon user activity, so they used Onavo, a VPN provider they had acquired in 2013, and added code to their Android VPN app to MITM user SSL traffic to their hosts, then phone home with analytics and logs regarding user activity on those apps and sites.

This Twitter thread is a detailed teardown of what the surveillance "VPN" app got up to.

The bad news: back in 2019, installing a MITM SSL cert didn't even pop up a warning on Android.

The good news: this is significantly harder to do on modern Android devices, as it requires remounting a system filesystem in read/write mode (which needs a jailbreak).]]></description>
<dc:subject>android security mitm exploits hacking facebook onavo snapchat surveillance youtube amazon vpns ssl tls</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:ffe21525906c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:android"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:exploits"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:facebook"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:onavo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:snapchat"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:surveillance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:youtube"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:amazon"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:vpns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tls"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320">
    <title>Bug #1624320 “systemd-resolved appends 127.0.0.53 to resolv.conf...” : Bugs : systemd package : Ubuntu</title>
    <dc:date>2021-12-10T11:00:21+00:00</dc:date>
    <link>https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320</link>
    <dc:creator>jm</dc:creator><description><![CDATA[Wow; recent Ubuntu versions force name resolution to operate via the systemd-resolved DNS resolver, which has some pretty major bugs and omissions:

<blockquote>This bug just compromised every ubuntu machine on my network. It falsely says that DNSSEC is not supported by the nameserver and resorts to non-DNSSEC resolution. So every machine on my network just accepted bogus DNS replies from a MITM. Thanks.</blockquote>

Is there anything systemd can't break :(]]></description>
<dc:subject>systemd fail dns dnssec mitm security resolvers ubuntu bugs linux</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:56f29ab67900/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:systemd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:fail"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:dns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:dnssec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:resolvers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ubuntu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bugs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:linux"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.scrapingbee.com/blog/charles-proxy/">
    <title>Charles proxy for web scraping</title>
    <dc:date>2020-11-13T18:09:17+00:00</dc:date>
    <link>https://www.scrapingbee.com/blog/charles-proxy/</link>
    <dc:creator>jm</dc:creator><description><![CDATA[wow, Charles is nifty. must give it a go next time I'm scraping something]]></description>
<dc:subject>scraping mitm charles web http proxies web-scraping automation</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:7a89e2e70395/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:scraping"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:charles"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:web"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:proxies"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:web-scraping"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:automation"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://seancoates.com/blogs/how-i-helped-fix-canadas-covid-alert-app">
    <title>How I helped fix Canadaʼs COVID Alert app</title>
    <dc:date>2020-08-24T21:23:05+00:00</dc:date>
    <link>https://seancoates.com/blogs/how-i-helped-fix-canadas-covid-alert-app</link>
    <dc:creator>jm</dc:creator><description><![CDATA[Nice writeup of using mitmproxy to detect unwanted accesses to a Google endpoint in an iOS app]]></description>
<dc:subject>mitmproxy mitm https ios apps reversing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:79da8f2472d6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitmproxy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ios"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:apps"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:reversing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.schneier.com/blog/archives/2015/08/using_samsungs_.html">
    <title>Using Samsung's Internet-Enabled Refrigerator for Man-in-the-Middle Attacks</title>
    <dc:date>2015-09-01T10:51:47+00:00</dc:date>
    <link>https://www.schneier.com/blog/archives/2015/08/using_samsungs_.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[<blockquote>Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim's fridge from next door, or on the road outside and you can potentially steal their Google credentials.</blockquote>

The Internet of Insecure Things strikes again.]]></description>
<dc:subject>iot security fridges samsung fail mitm ssl tls google papers defcon</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:d6fa2d55d6f6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:iot"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:fridges"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:samsung"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:fail"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:papers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:defcon"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/h2non/toxy#latency">
    <title>toxy</title>
    <dc:date>2015-08-28T11:19:51+00:00</dc:date>
    <link>https://github.com/h2non/toxy#latency</link>
    <dc:creator>jm</dc:creator><description><![CDATA[<blockquote>toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions. It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency capabilities of a system, especially in service-oriented architectures, where toxy may act as intermediate proxy among services.

toxy allows you to plug in poisons, optionally filtered by rules, which essentially can intercept and alter the HTTP flow as you need, performing multiple evil actions in the middle of that process, such as limiting the bandwidth, delaying TCP packets, injecting network jitter latency or replying with a custom error or status code.</blockquote>

]]></description>
<dc:subject>toxy proxies proxy http mitm node.js soa network failures latency slowdown jitter bandwidth tcp</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:4cc87b3a400a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:toxy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:proxies"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:proxy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:node.js"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:soa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:network"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:failures"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:latency"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:slowdown"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:jitter"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bandwidth"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tcp"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://marcrogers.org/2015/02/19/will-the-madness-never-end-komodia-ssl-certificates-are-everywhere/">
    <title>Will the madness never end? Komodia SSL certificates are EVERYWHERE</title>
    <dc:date>2015-02-19T23:41:17+00:00</dc:date>
    <link>http://marcrogers.org/2015/02/19/will-the-madness-never-end-komodia-ssl-certificates-are-everywhere/</link>
    <dc:creator>jm</dc:creator><description><![CDATA[<blockquote>I think that at this point it is safe to assume that any SSL interception product sold by Komodia or based on the Komodia SDK is going to be using the same method. What does this mean? Well, this means that those dodgy certificates aren’t limited to Lenovo laptops sold over a specific date range. It means that anyone who has come into contact with a Komodia product, or who has had some sort of Parental Control software installed on their computer should probably check to see if they are affected.</blockquote>

]]></description>
<dc:subject>komodia via:jgc ssl lenovo parental-control censorware mitm</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:cea5b044b113/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:komodia"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:via:jgc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:lenovo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:parental-control"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:censorware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.theverge.com/2015/2/19/8069127/superfish-password-certificate-cracked-lenovo">
    <title>The Superfish certificate has been cracked, exposing Lenovo users to attack | The Verge</title>
    <dc:date>2015-02-19T21:41:15+00:00</dc:date>
    <link>http://www.theverge.com/2015/2/19/8069127/superfish-password-certificate-cracked-lenovo</link>
    <dc:creator>jm</dc:creator><description><![CDATA[<blockquote>The cracked certificate exposes Lenovo users to man-in-the-middle attacks, similar to those opened up by Heartbleed. Armed with this password and the right software, a coffee shop owner could potentially spy on any Lenovo user on her network, collecting any passwords that were entered during the session. The evil barista could also insert malware into the data stream at will, disguised as a software update or a trusted site.</blockquote>

Amazingly stupid.]]></description>
<dc:subject>superfish inept ca ssl tls lenovo mitm security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:26af7d2dade0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:superfish"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:inept"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:lenovo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/">
    <title>How to take over the computer of any JVM developer</title>
    <dc:date>2014-07-29T09:14:15+00:00</dc:date>
    <link>http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/</link>
    <dc:creator>jm</dc:creator><description><![CDATA[<blockquote>To prove how easy [MITM attacking Mavencentral JARs] is to do, I wrote dilettante, a man-in-the-middle proxy that intercepts JARs from maven central and injects malicious code into them. Proxying HTTP traffic through dilettante will backdoor any JARs downloaded from maven central. The backdoored version will retain their functionality, but display a nice message to the user when they use the library. </blockquote>

]]></description>
<dc:subject>jars dependencies java build clojure security mitm http proxies backdoors scala maven gradle</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:f51524567408/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:jars"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:dependencies"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:java"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:build"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:clojure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:proxies"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:backdoors"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:scala"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:maven"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gradle"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.renesys.com/2013/11/mitm-internet-hijacking/">
    <title>The New Threat: Targeted Internet Traffic Misdirection</title>
    <dc:date>2013-11-20T22:54:23+00:00</dc:date>
    <link>http://www.renesys.com/2013/11/mitm-internet-hijacking/</link>
    <dc:creator>jm</dc:creator><description><![CDATA[MITM attacks via BGP route hijacking now relatively commonplace on the internet, with 60 cases observed so far this year by Renesys]]></description>
<dc:subject>bgp mitm internet security routing attacks hijacking</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:b914434fa18f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bgp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:internet"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:routing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:attacks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:hijacking"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.ivanristic.com/2013/08/defending-against-the-breach-attack.html">
    <title>Ivan Ristić: Defending against the BREACH attack</title>
    <dc:date>2013-08-07T20:33:04+00:00</dc:date>
    <link>http://blog.ivanristic.com/2013/08/defending-against-the-breach-attack.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[One interesting response to this HTTPS compression-based MITM attack:

<blockquote>The award for least-intrusive and entirely painless mitigation proposal goes to Paul Querna who, on the httpd-dev mailing list, proposed to use the HTTP chunked encoding to randomize response length. Chunked encoding is a HTTP feature that is typically used when the size of the response body is not known in advance; only the size of the next chunk is known. Because chunks carry some additional information, they affect the size of the response, but not the content. By forcing more chunks than necessary, for example, you can increase the length of the response. To the attacker, who can see only the size of the response body, but not anything else, the chunks are invisible. (Assuming they're not sent in individual TCP packets or TLS records, of course.)  This mitigation technique is very easy to implement at the web server level, which makes it the least expensive option. There is only a question about its effectiveness. No one has done the maths yet, but most seem to agree that response length randomization slows down the attacker, but does not prevent the attack entirely. But, if the attack can be slowed down significantly, perhaps it will be as good as prevented.</blockquote>

]]></description>
<dc:subject>mitm attacks hacking security compression http https protocols tls ssl tcp chunked-encoding apache</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:13c0a7ba2031/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:attacks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:protocols"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:tcp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:chunked-encoding"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:apache"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.dnsleaktest.com/what-is-transparent-dns-proxy.php">
    <title>transparent DNS proxies</title>
    <dc:date>2013-04-24T15:17:25+00:00</dc:date>
    <link>http://www.dnsleaktest.com/what-is-transparent-dns-proxy.php</link>
    <dc:creator>jm</dc:creator><description><![CDATA[Ugh.  low-end ISPs MITM'ing DNS queries:
<blockquote>
Some ISP's are now using a technology called 'Transparent DNS proxy'. Using this technology, they will intercept all DNS lookup requests (TCP/UDP port 53) and transparently proxy the results. This effectively forces you to use their DNS service for all DNS lookups.
If you have changed your DNS settings to an open DNS service such as Google, Comodo or OpenDNS expecting that your DNS traffic is no longer being sent to your ISP's DNS server, you may be surprised to find out that they are using transparent DNS proxying.</blockquote>

(via Nelson)]]></description>
<dc:subject>via:nelson dns isps proxying mitm phorm attacks</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:544f8cf96ebf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:via:nelson"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:dns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:isps"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:proxying"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:phorm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:attacks"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://danteslab-eng.blogspot.ie/2012/04/mig-in-middle.html">
    <title>The &quot;MIG-in-the-middle&quot; attack</title>
    <dc:date>2012-12-05T21:06:57+00:00</dc:date>
    <link>http://danteslab-eng.blogspot.ie/2012/04/mig-in-middle.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[or, a very effective demonstration of a man-in-the-middle interception and replay attack, from a 1980s Namibia-Angola war, via Ross Anderson]]></description>
<dc:subject>security mig war mitm</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:64814b04f2f0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mig"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:war"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.imperialviolet.org/2011/05/04/pinning.html">
    <title>Chrome to get HTTPS public key pinning</title>
    <dc:date>2011-05-04T21:45:19+00:00</dc:date>
    <link>http://www.imperialviolet.org/2011/05/04/pinning.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA['Starting with Chrome 13, we'll have HTTPS pins for most Google properties. This means that certificate chains for, say, https://www.google.com, must include a whitelisted public key. It's a fatal error otherwise.'  good anti-MITM protection]]></description>
<dc:subject>https ssl http web security mitm sniffing chrome</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:b5dfb3142372/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:web"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:sniffing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:chrome"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>