Ask HN: What all content can a MitM proxy/app decrypt from the HTTPS traffic?

Y	Hacker News new \| ask \| show \| jobs

	Ask HN: What all content can a MitM proxy/app decrypt from the HTTPS traffic?
	1 points by m33k44 1387 days ago
	If I install something like Wireshark, Fiddler or mitmproxy, will I be able to decrypt all HTTPS content flowing from my computer to the application server of interest? If yes, then how to secure web traffic against such activity?

1 comments

alrlroipsp 1387 days ago

> If I install something like Wireshark, Fiddler or mitmproxy, will I be able to decrypt all HTTPS content flowing from my computer to the application server of interest?

Yes.

> If yes, then how to secure web traffic against such activity?

By uninstalling Wireshark, Fiddler or mitmproxy.

link

m33k44 1386 days ago

> By uninstalling Wireshark, Fiddler or mitmproxy.

Well, I was interested in preventing others from sniffing the traffic. If I am the app owner or an app user, then anyone on the LAN or shared home network can sniff the traffic.

link

alrlroipsp 1386 days ago

> I was interested in preventing others from sniffing the traffic.

Unless you let others access your mitmproxy setup, then you do not need to worry.

link