Wow, how is this even legal to advertise? "... allows you to get/modify/inject a... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

hashmymustache on Feb 19, 2015 | parent | context | favorite | on: Extracting the SuperFish certificate

Wow, how is this even legal to advertise?

"... allows you to get/modify/inject all SSL traffic decrypted and without any warning messages to the user."

patcheudor on Feb 19, 2015 [–]

Sadly it allows anyone, not just "you" to modify SSL/TLS traffic since the Superfish MitM proxy is validating any cert. I have a screenshot here: http://defaultstore.com/four.png of it validating my transparent network MitM proxy provided cert and showing the lock in the address bar.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact