[squid-users] after changed from 3.4.13 to 3.5.8 sslbump doesn't work for the site https://banking.postbank.de/

Alex Rousskov rousskov at measurement-factory.com
Tue Sep 29 17:19:49 UTC 2015


On 09/29/2015 03:16 AM, Amos Jeffries wrote:
> On 29/09/2015 5:20 p.m., Yuri Voinov wrote:
>> Don't think so we can detect pinned apps automatically. You need find it
>> manually this time AFAIK.


> Correct. There is no way for Squid to know that some app running on a
> separate client device, installed a random time earlier via another
> network contains crypto keys. Or what they are used for when not
> transmitted over the network.


And this lack of information is unlikely to be resolved in the
foreseeable future because most of those who are doing the pinning
probably do not want to make bumping safer or, better, unnecessary. They
want to make it impractical or impossible.

Judging by the level of fanaticism of some of the primary players in the
area, and the increasing level of control they currently enjoy over the
"web", things will continue to overall worsen for the bumping crowd,
despite our efforts to make bumping safer.

Alex.



More information about the squid-users mailing list