Hacker News new | ask | show | jobs
by pilif 1355 days ago
I think you misunderstood my tale. I'm running a SaaS business and one of our customers users had this issue when they were interacting with the site because that end user's proxy server was arbitrary altering AJAX requests made by their browsers.

This is a end user making a request to an online shop and the POST request to "add product 123456 to the basket" gets changes to "add the product 12***6 to the basket" by a security* proxy between the end user and the web site.

This isn't specific to the site we run. This would have happened on any site they were posting to.
1 comments
alexvoda 1355 days ago
Shouldn't HTTPS prevent this unless the client has the certificate of the MITMer installed?

This being security theatre, it is entirely plausible that the "security" proxy actually decrypted trafic and required the user to have the certificate installed.

link
alexvoda 1355 days ago
As I was saying, (from uncle comment):

https://news.ycombinator.com/item?id=33095888

> I work at a government agency and here are my tales.

> 1) They install a root certificate on all machines and use that to MITM all TLS connections using a firewall appliance. They turn this MITM on one day without notifying any developer. Overnight, all our builds (run on-prem) fail because npm install, pip install etc fail and we spent a long time trying to figure it out. They are still failing to this day and I have to get off the VPN every time I need to run these simple commands. IT absolutely doesn't give a flying * about developers.

link