sqgl@sh.itjust.works to Technology@lemmy.worldEnglish · 19 hours agoNorth Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true locationwww.tomshardware.comexternal-linkmessage-square37fedilinkarrow-up1256arrow-down15file-textcross-posted to: world@lemmy.world
arrow-up1251arrow-down1external-linkNorth Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true locationwww.tomshardware.comsqgl@sh.itjust.works to Technology@lemmy.worldEnglish · 19 hours agomessage-square37fedilinkfile-textcross-posted to: world@lemmy.world
minus-squareBrkdncr@lemmy.worldlinkfedilinkEnglisharrow-up9·16 hours agoYou’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.
minus-squarefonix232@fedia.iolinkfedilinkarrow-up2·7 hours agoYep, they’re not decrypting HTTPS, I’ve triple checked. But we do have an MDM forced proxy service that does check any non-encrypted traffic…
minus-squareBrianTheeBiscuiteer@lemmy.worldlinkfedilinkEnglisharrow-up3·16 hours agoThis is definitely a thing.
minus-squareEncrypt-Keeper@lemmy.worldlinkfedilinkEnglisharrow-up2arrow-down1·15 hours agoOnly if the site they’re visiting isn’t using HSTS, but it’s possible
minus-squarefoobaz@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·13 hours agoI don’t think this is correct. HSTS only prevents downgrading.
You’re sure they aren’t decrypting your traffic? Check the root cert of any site and see if it’s their own root.
Yep, they’re not decrypting HTTPS, I’ve triple checked. But we do have an MDM forced proxy service that does check any non-encrypted traffic…
This is definitely a thing.
Only if the site they’re visiting isn’t using HSTS, but it’s possible
I don’t think this is correct. HSTS only prevents downgrading.