Hacker News
by jrockway 2717 days ago
You can't trust your client. The IT department will just push a browser that says "you're using the root CA for this connection" while actually using the MITM CA.

Maybe you'll download your own Chrome, but that silently gives you their hacked version. The SHA256sum on their website has also been tampered with. Fine, you say, you'll download the source code and compile it yourself. But the compiler has been tampered with to detect when it's compiling Chromium, and adds the IT department's hacks.

You cannot trust a client you do not fully control.

1 comment

That's a separate issue, because a completely custom browser can intercept even without a MitM on the connection.

Sometimes you either have your own device or you trust your employer to not directly lie to you.