Matthew GreenMar 31, 2024
This thing Facebook did โ€” running an MITM on Snapchat and other competitorsโ€™ TLS connections via their Onavo VPN โ€” is so deeply messed up and evil that it completely changes my perspective on what that company is willing to do to its users.
Show thread๐“๐“ท๐“ญ๐”‚๐“ฃ๐“ฒ๐“ฎ๐“ญ๐”‚๐“ฎ ๐“€คMar 31, 2024
@matthew_d_green How does that even work? They should get a certificate error when someone is trying to do a MITM.
Show threadArtemesia

@andytiedye @matthew_d_green

Not if they MITMed the certificate download in the first place.

Mar 31, 2024 at 3:57pmWeb
Show thread๐“๐“ท๐“ญ๐”‚๐“ฃ๐“ฒ๐“ฎ๐“ญ๐”‚๐“ฎ ๐“€คMar 31, 2024

@artemesia @matthew_d_green If them MITM the SSL/TLS connection, they are doing that anyway, but how would they get a valid certificate for a competitor?

Of course their own app could ignore the invalid certificates, but we don't have to use it.