sqgl@sh.itjust.works to Technology@lemmy.worldEnglish · 26 days agoNorth Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true locationwww.tomshardware.comexternal-linkmessage-square37fedilinkarrow-up1307arrow-down15file-textcross-posted to: world@lemmy.world
arrow-up1302arrow-down1external-linkNorth Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true locationwww.tomshardware.comsqgl@sh.itjust.works to Technology@lemmy.worldEnglish · 26 days agomessage-square37fedilinkfile-textcross-posted to: world@lemmy.world
minus-squareBrkdncr@lemmy.worldlinkfedilinkEnglisharrow-up14·26 days agoYou’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.
minus-squareBrianTheeBiscuiteer@lemmy.worldlinkfedilinkEnglisharrow-up3·26 days agoThis is definitely a thing.
minus-squareEncrypt-Keeper@lemmy.worldlinkfedilinkEnglisharrow-up2arrow-down1·26 days agoOnly if the site they’re visiting isn’t using HSTS, but it’s possible
minus-squarefoobaz@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·26 days agoI don’t think this is correct. HSTS only prevents downgrading.
minus-squarefonix232@fedia.iolinkfedilinkarrow-up2·26 days agoYep, they’re not decrypting HTTPS, I’ve triple checked. But we do have an MDM forced proxy service that does check any non-encrypted traffic…
You’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.
This is definitely a thing.
Only if the site they’re visiting isn’t using HSTS, but it’s possible
I don’t think this is correct. HSTS only prevents downgrading.
Yep, they’re not decrypting HTTPS, I’ve triple checked. But we do have an MDM forced proxy service that does check any non-encrypted traffic…