[squid-users] Newbie question, How to fully disable/disallow https?
Antony Stone
Antony.Stone at squid.open.source.it
Tue Jun 22 22:37:50 UTC 2021
On Wednesday 23 June 2021 at 00:06:21, Coenraad Loubser wrote:
> I'm sure there are many other ways to do this too... again, what's your
> real use case here?
My _guess_ now that I know Arctic 5824 is deliberately running an open web
proxy on the Internet (with co-operation from the hosting provider or not) is
that the objective is to convert all HTTPS connections into HTTP so that the
content can be cached / scraped / captured on the way past, and the
"interesting bits" used later, perhaps by some of Artic5824's "customers"
without the people who chose to browse the Internet through an open proxy
realising that this is even possible.
It's possibly even being advertised / promoted / sold as an "anonymising
service", where people can browse the sort of websites they would prefer not
to do directly through their own connectivity providers, comfortable in the
knowledge that the IP address hitting those sites is not theirs, but not
realising that the HTTP traffic they are then using can be intercepted and
examined not only by Artic5824 but also by their connectivity provider's
transparent interception proxy.
I'd be happy to entertain any less dubious explanation of what the real
purpose in setting up such a system might be.
Antony.
--
There's a good theatrical performance about puns on in the West End. It's a
play on words.
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list