LinkedIn & Banking Browsers?

[NotHereToPlayGames]

No clue why my name was brought up.  No clue whatsoever.  A rib-jab, perhaps?

So I shall only add this, as I have also stated in the past - a web browser's "padlock" in the address bar is a "false sense of security", plain and simple.

ESPECIALLY for the XP crowd!  Regardless if you jumped through hoops to "update" certificates or not.  XP can not handle modern SSL technology and you can't "hack" XP to do so.

That "padlock" can be FAKED at the browser level to totally IGNORE "secure or not" at the Operating System level - the browser itself can put whatever padlock it so chooses (I have witnessed this in Chrome forks, but I suspect FAKES [can] exist in Firefox forks also).

A "padlock" at the browser level indicates nothing at the Operating System level - no matter what OS you are on.

A "padlock" at the browser level indicates nothing at the DNS level - Catsxp demonstrates that one really well, a lot of DNS traffic if-and-only-if you use its built-in DoH "security feature".

I shall remind all that 360Chrome on XP was never intended to "extend" the life of XP - it was only intended to function as a stop-gap for XP users to skip directly over Vista and 7 and jump straight to 10, not 11 or 12, but 10.

I've stated that in the past and I still believe that - 360Chrome is a stop-gap, nothing more, nothing less.

My preferred browser-of-choice (and as also stated, browser selection is always always ALWAYS a matter of personal CHOICE) nowadays is Marmaduke Ungoogled Chromium v112, nothing newer, nothing older - on Win 10.

Hope that will be enough to clear the mud.  

Edited May 8, 2023 by NotHereToPlayGames

[dmiranda]

8 hours ago, D.Draker said:

https://www.us-cert.gov/ncas/alerts/TA17-075A

You surely are up to date with your fine knowledge of cybersecurity.  Keep it up, because if that was indeed true 6 years ago, imagine what is today out there. Lions and Tigers and Bears, Oh my!

 

[dmiranda]

11 hours ago, D.Draker said:

LinkedIn works 100% fine with Chrome 102 (released a year ago, last May).

Perhaps you are not aware this is a forum called: Browsers working on Older NT-Family OSes

Linkedin works better than in chrome (more like in a cage, so to speak) in the latest librewolf in linuxmint, or (freeranging on your data) in its own shinny app in android. Be aware, though, that that has no bearings with what is being discussed here.

Edited May 8, 2023 by dmiranda

[mina7601]

5 hours ago, dmiranda said:

imagine what is today out there. Lions and Tigers and Bears,

Sorry for the off-topic, but I hope you continue being humorous like this, because reading this part made me laugh almost the entire day.

Edited May 8, 2023 by mina7601

[legacyfan]

5 hours ago, dmiranda said:

You surely are up to date with your fine knowledge of cybersecurity.  Keep it up, because if that was indeed true 6 years ago, imagine what is today out there. Lions and Tigers and Bears, Oh my!

 

you have gotten followed for this 

[D.Draker]

14 hours ago, dmiranda said:

You surely are up to date with your fine knowledge of cybersecurity.  Keep it up, because if that was indeed true 6 years ago, imagine what is today out there. Lions and Tigers and Bears, Oh my!

 

You would need to start this new conversation with "excuse me sir, I was wrong and rude, this will not happen in the future".

That's what polite, educated (and generally normal) people do.

14 hours ago, dmiranda said:

Perhaps you are not aware this is a forum called: Browsers working on Older NT-Family OSes

Linkedin works better than in chrome (more like in a cage, so to speak) in the latest librewolf in linuxmint, or (freeranging on your data) in its own shinny app in android. Be aware, though, that that has no bearings with what is being discussed here.

Yes, aware.The DPI fake cert method worked 6 years ago and earlier, so you're wrong, again.

Please restrain yourself from replying to me ever again, I'm not willing to share my knowledge with you anymore -

because you don't appreciate it, you're trying to cover your lack of info with cheap sarcasm, and it won't gonna work. Bye.

 

[dmiranda]

I promise to be polite, educated, and generally normal, like yerself. I stand corrected and in penance: you obviously don't know your own s***. Also your cybersecurity knowledge is not up to date, as you are alerting us about 6 year old problems you later tell us have not been an issue since. I'm wery sowy for not having stated that with much more clarity before.

In the meanwhile, and back on topic: very please, and with sugar on top, take notice of where are you writing and for what purpose. 

Edited May 9, 2023 by dmiranda

[roytam1]

On 5/9/2023 at 11:37 AM, D.Draker said:

You would need to start this new conversation with "excuse me sir, I was wrong and rude, this will not happen in the future".

That's what polite, educated (and generally normal) people do.

Yes, aware.The DPI fake cert method worked 6 years ago and earlier, so you're wrong, again.

Please restrain yourself from replying to me ever again, I'm not willing to share my knowledge with you anymore -

because you don't appreciate it, you're trying to cover your lack of info with cheap sarcasm, and it won't gonna work. Bye.

 

for DPI, you still need installing a Root Cert in browser's Cert Store in order to make it "look-like" transparent.

without doing this, users end-up getting "Unknown Issuer" security warning page instead.

[dmiranda]

And depending the country you are in, it is not uncommon to find "secure", even oficial sites with badly-made certificates, or with outdated ones. To accept them is either fruit of desperation, oblivion, or of well-informed browsing practices. Roytam1's subforum, and the three+ 360Chome subfora in the parent forum referenced above provide plenty of tips on how to do the later, particularly (but not only) in XP and Vista -very much like Mathwiz said, before.

For some problems there is no cure, though, but to trust Android, Windows8+ (forbidden in Germany, for instance, for official use due to its spyware nature), they'll take care of you :P, or go the way of Linux (i.e., Linkedin).   

 

Edited May 12, 2023 by dmiranda

[D.Draker]

On 5/10/2023 at 3:50 PM, roytam1 said:

for DPI, you still need installing a Root Cert in browser's Cert Store in order to make it "look-like" transparent.

without doing this, users end-up getting "Unknown Issuer" security warning page instead.

No.

New Gen sees through. "Using NG DPI, it is possible, for example, to identify an encrypted flow as trusted traffic which can be sent on its way without further analysis (e.g., MS Teams audio call), and a flow that requires full DPI processing, decryption and content (payload) analysis (e.g., SharePoint file transfer). NG DPI has evolved from standard DPI to meet three additional challenges"

That's way more than enough to confirm you've used a forbidden in China "evil" Western app and call cops on you (or add to the list: Russia and all similar DPI extensive users). 

They'll do further forensics with the PC on the location, don't worry.

https://cybersecurity-magazine.com/using-next-gen-dpi-to-ensure-visibility-and-control-for-security-service-edge/

by Erik Larsson

"Erik works with cybersecurity and networking use cases for Enea’s Qosmos DPI and traffic intelligence software. He has an extensive experience..."

[roytam1]

34 minutes ago, D.Draker said:

No.

New Gen sees through. "Using NG DPI, it is possible, for example, to identify an encrypted flow as trusted traffic which can be sent on its way without further analysis (e.g., MS Teams audio call), and a flow that requires full DPI processing, decryption and content (payload) analysis (e.g., SharePoint file transfer). NG DPI has evolved from standard DPI to meet three additional challenges"

That's way more than enough to confirm you've used a forbidden in China "evil" Western app and call cops on you (or add to the list: Russia and all similar DPI extensive users). 

They'll do further forensics with the PC on the location, don't worry.

https://cybersecurity-magazine.com/using-next-gen-dpi-to-ensure-visibility-and-control-for-security-service-edge/

by Erik Larsson

"Erik works with cybersecurity and networking use cases for Enea’s Qosmos DPI and traffic intelligence software. He has an extensive experience..."

because this is not MITM, this is kind of side-channel attack.

MITM DPI requires decryption and re-encryption IN TIME.

[D.Draker]

3 hours ago, roytam1 said:

because this is not MITM, this is kind of side-channel attack.

MITM DPI requires decryption and re-encryption IN TIME.

But Erik wrote: "full DPI processing, decryption and content (payload) analysis (e.g., SharePoint file transfer)".

Ok, another good example of using DPI would be LinkedIn being discussed here.

LinkedIn is totally forbidden in Russia, which is no wonder for a totalitarian state, so we leave it alone, but what we are interested in - how they block it. 

"...internet providers have already cut access to the site, which has more than six million members in Russia." - BBC UK

Now tell how their internet provider can cut off the access without DPI and MITM ? (more of a rhetorical question).

So they block LinkedIn completely (incuding ordinary browser visit), not only their app that was found by using its pattern. 

See the red pics from their largest ISP with proof. Source:

"LinkedIn blocked by Russian authorities"

https://www.bbc.co.uk/news/technology-38014501

Note: the article is 2016, they do it for a long time.

[roytam1]

Russia just got technologies from China. China's Great Firewall (GFW) do side-channel monitoring and attacks by DNS posioning, TCP RST attacks, plaintext TLS SNI filterings, and more.

[dmiranda]

Them dragons too.

[dmiranda]

Linkedin works now in a fresh sp52 profile.