GoGo Inflight Internet More Of A No-Go

Flying the not-so-friendly skies

Some decidedly slippery shenanigans in play, according to this article in Neowin.
SSL/TLS is a protocol that exists to ensure that there is an avenue for secure communication over the Internet. Through the use of cryptography and certificate validation, SSL certificates make man-in-the-middle attacks (where a third party would be able monitor your internet traffic) difficult, so the transmission of things like credit card numbers and user account passwords becomes significantly safer. In this case, performing a man-in-the-middle attack would require the attacker to attack the SSL certificate first before being able to snoop on someone's traffic.

For whatever reason, however, Gogo Inflight Internet seems to believe that they are justified in performing a man-in-the-middle attack on their users. Adrienne Porter Felt, an engineer that is a part of the Google Chrome security team, discovered while on a flight that she was being served SSL certificates from Gogo when she was requesting Google sites. Looking at the issuer of the certificate, rather than being issued by Google, it was being issued by Gogo
.
NeoWin

Comments

Popular posts from this blog

VPN Use Is Up, Up, Up

Q4OS Linux On An Old Windows Laptop

Google AIY Voice Kit For Rasperry Pi