Technology

77928 readers

2750 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

L4s@hackingne.ws

354

North Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true location (www.tomshardware.com)

submitted 6 days ago by sqgl@sh.itjust.works to c/technology@lemmy.world

50 comments fedilink hide all child comments

https://archive.is/sfYWG

you are viewing a single comment's thread
view the rest of the comments

[–] Brkdncr@lemmy.world 2 points 6 days ago (1 children)

Why do you say usually? It’s not what I do. I MitM every machine.

[–] dan@upvote.au 2 points 5 days ago* (last edited 5 days ago) (1 children)

It's what I've experienced at FAANG companies. MitM isn't used and would break certificate pinning on sites (including internal tools) that use both certificate pinning and HSTS. The Chromium source code has a list of domains that are hard-coded to only accept particular root certificates.

[–] Brkdncr@lemmy.world 1 points 5 days ago

I don’t MitM sites that are know to break. I also don’t decrypt healthcare or banking sites. In most cases you wouldn’t know it’s happening unless you look at the cert issuer.