Wow, how is this even legal to advertise? "... allows you to get/modify/inject a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		hashmymustache on Feb 19, 2015 \| parent \| context \| favorite \| on: Extracting the SuperFish certificate Wow, how is this even legal to advertise? "... allows you to get/modify/inject all SSL traffic decrypted and without any warning messages to the user."

patcheudor on Feb 19, 2015 [–]

Sadly it allows anyone, not just "you" to modify SSL/TLS traffic since the Superfish MitM proxy is validating any cert. I have a screenshot here: http://defaultstore.com/four.png of it validating my transparent network MitM proxy provided cert and showing the lock in the address bar.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact