5 comments

[ 5.8 ms ] story [ 20.9 ms ] thread
Note that in the context of mass surveillance, MITM doesn't apply to Facebook because the NSA and GCHQ simply ask for data as per PRISM:

https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%...

what about other countries , they have to MITM attack.
Yes, that's true except that according to a semi-recent Snowden interview many of the European intelligence agencies share information with each other, so they might just get it from NSA/GCHQ [1].

Some of the other large countries might not be as interested in Facebook because they have their own versions of it: Russia's VK, China's Qzone & Renren, Japan's Line, Iran's Cloob, etc.

[1] https://www.commondreams.org/headline/2014/01/27-1

I wonder how many of these I've caused by having Fiddler w/ HTTPS decryption enabled (to troubleshoot one session) while accessing FB or whatnot with the other.
I think some corporate firewalls might do some https decryption as well.