Hacker News new | ask | show | jobs
by raesene9 2775 days ago
for Google traffic, assuming certificate pinning is in place, I can't see this being that successful.

However for more general traffic, well look at the trusted root list in your browser/OS. Realise that every single one of those trusted routes can issue certificates for a given domain...
1 comments
dasm 2775 days ago
Thanks. Since it appears all this traffic is Google-related, any guesses as to what the attacker could have gained here?
link
raesene9 2775 days ago
This could just be a mistake of course, malicious intent isn't needed :)

Of the top of my head, assuming malicious intent, well not all browser (especially older ones) do certificate pinning, so perhaps then Chinese users of Google services using old browsers would find their traffic being intercepted?

Past that the leakage would seem fairly minor, a list of source IP addresses and destination hosts.

link