When governments openly MITM what could go wrong?

others will follow.
and so it begins…


Holy god. This is some dangerous shit. I would expect other nations to follow through with MITM attacks soon.

1 Like

It’s unclear to me how it fails, unless reading between the lines is necessary. This quote was interesting:

The notice-to-be-mitm also specifies that Linux users are exempt from downloading this rogue cert:

“[…] the installation of a security certificate must be performed from each device that will be used to access the Internet (mobile phones and tablets based on iOS / Android, personal computers and laptops based on Windows / MacOS).”

I guess it’s based on literal interpretation as the text doesn’t say “e.g.” or “including”.

1 Like


It looks like ESNI can protect from this for now.

dns.google.com hits my eyes as I have lately been talking about Android 9 Private DNS also on this forum and thus I happen to know that Google tells Android 9 users to point their Private DNS to dns.google instead.

allo.google.com is also interesting as going there gives this notice: