Hacker News new | ask | show | jobs
by jpswade 4871 days ago
No.

"Another is that traffic is encrypted. Many educational establishments will have some capability for filtering traffic to malicious URLs as it flows through their network. That’s easy with unencrypted traffic. If the site uses SSL, then you have to do some kind of SSL interception."
1 comments
joelthelion 4871 days ago
Network Admins need to learn that looking at what your users do and meddling with his data is not a legitimate activity. They should have learned that long ago. Fortunately, with encryption becoming more widespread, they will have to learn the lesson.
link
anonymouz 4871 days ago
The quote continued:

"That’s easy with unencrypted traffic. If the site uses SSL, then you have to do some kind of SSL interception. Straightforward on a corporate network full of tightly-managed systems. Much harder on a network full of student machines, visitor laptops and the like, and in our opinion, something to be avoided."

Obviously, they do not see intercepting traffic as desirable. But who has time to read the article before commenting these days...?

link
Pezmc 4871 days ago
Does SSL prevent the network admin from seeing the URL that is being visited? I did in fact read the article in full, but I was under the impression that the encryption just encrypted the data in the request.

From a read through of the Wikipedia article on SSL it's now clear to me that all HTTP headers are encrypted, including the requested path.

link
jacques_chester 4871 days ago
> Does SSL prevent the network admin from seeing the URL that is being visited?

My understanding is that SSL establishes an end-to-end secure channel, then HTTP is inside that channel. Consequently, GETs and POSTs are not visible to outside parties.

link
FourthProtocol 4871 days ago
If it's your network, and you graciously allow me to use it, and I, through my use of your network breach the security of systems on your network, would you not do anything in the interests of not meddling with my data?
link
bigfudge2 4871 days ago
Except the network belongs to the institution (i.e. its users), not the IT department (although most do seem to think this way).
link
eertami 4871 days ago
But as a student, you are paying for the network.
link