Comment by subscribed

6 hours ago

Not if someone can issue the certificate signed by the CA your phone trust.

Imagine being in a cafe nearby, say, embassy of the certain north African country known for pervasive and wide espionage actions, which decides to hijack traffic in this cafe.

Or imagine living in the country where almost all of the cabinet is literally (officially) being paid by the propaganda/lobbying body of such country.

Or living int he country where lawful surveillance can happen without the jury signoff, but at a while of any police officer.

Maybe its not common but frequent enough.

12 comments

subscribed

Reply
Gigachad  3 hours ago

This is stopped by certificate transparency logs. Your software should refuse to accept a certificate which hasn’t been logged in the transparency logs, and if a rogue CA issues a fraudulent certificate, it will be detected.

  • fc417fc802  2 minutes ago

    I don't believe it's supposed to proactively check the logs as that would inevitably break in the presence of properly configured MITM middleboxes which are present on many (most?) corporate networks.

    The point of the logs as I understand it is to surface events involving official CAs after the fact.

  • malmeloo  1 hour ago

    Certificate transparency doesn't prevent misissuance, it only makes detection easier after the fact. Someone still needs to be monitoring CT and revoke the cert. I actually believe most HTTP stacks on Android don't even check cert revocations by default.

layer8  6 hours ago

> Imagine being in a cafe nearby, say, embassy of the certain north African country known for pervasive and wide espionage actions, which decides to hijack traffic in this cafe.

How would they get your phone to trust their CA? Connecting to a Wi-Fi network doesn’t change which CAs a device trusts.