On Sunday, January 18, 2015, John Levine <johnl@iecc.com> wrote:
So your idea is to block every HTTPS website? From my point of view, it is better than violate user privacy & safety.
Sneaky is evil.
I expect your users would fire you when they found you'd blocked access to Google.
And they would sue you for gross negligence for decrypting their ssn when access company payroll and cpni data
These boxes that violate end to end encryption are a great place for
hackers to steal the bank and identity info of everyone in your company.
Since the end user machines are generally running Windows, why would bad guys waste time on a much harder and more obscure target?
Who said the mitm box was not running windows ? That said, a properly admin'd win7 box is about as secure as any other end station in my opinion. Yea, win2k and xp were a pain, msft has come a long long way. The same cannot be said for Adobe or Java. CB