|
Can a mime write LOL?
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Maybe not, but they could use TITB (Trapped in the Box)
"Time flies like an arrow. Fruit flies like a banana."
|
|
|
|
|
That depends on his type.
|
|
|
|
|
They seem to have nothing to say on the matter.
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
As long as they use Comic-sans-humour font.
If you can't laugh at yourself - ask me and I will do it for you.
|
|
|
|
|
LEARN THE WORDS!
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Would they raise their hands in the air and pretend to be drowning? Or is that not what they meme?
|
|
|
|
|
This question is a mimefield (© Jasper Fforde)
So old that I did my first coding in octal via switches on a DEC PDP 8
|
|
|
|
|
Wouldn't that make him a MEME?
"Qulatiy is Job #1"
|
|
|
|
|
I typically run multiple browser windows with multiple tabs, like a lot. I need therapy. Anyway, my customer has implemented some sort of weird firewall. About 90% of the websites I frequent - Microsoft, hardware stores, etc all report in flaming letters
Quote: Your connection is not private
Attackers might be trying to steal your information from www.lowes.com (for example, passwords, messages, or credit cards).
NET::ERR_CERT_AUTHORITY_INVALID
Now I'm fairly certain Lowes.com is fine. All of my browsers do this - Opera, Firefox, Chrome... is there some setting I missed? The common theme is that I only see this when I am inside my customer's network. If I fire up my VPN, there are no issues.
Ideas?
Charlie Gilley
<italic>Stuck in a dysfunctional matrix from which I must escape...
"Where liberty dwells, there is my country." B. Franklin, 1783
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
|
|
|
|
|
Just curious as to why you need access to Lowes.com while working for your customer on your customer's system? Perhaps I did not understand your post.
Perhaps your customer sees you surfing the internet a lot on their network and has restricted non technical sites? Not sure.
|
|
|
|
|
Haha, no. I work from home mostly, and Lowes is just an example.
This happens for many technical sites that I reference in my work. Let's say I need to order hardware - microcenter.com fails, newegg.com fails, newark.com fails. microsoft.com passes, but hilariously bing.com does not.
Charlie Gilley
<italic>Stuck in a dysfunctional matrix from which I must escape...
"Where liberty dwells, there is my country." B. Franklin, 1783
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
|
|
|
|
|
can you have those sites whitelisted?
not sure if black/white lists terms are politically correct these days. Perhaps the "do not block" list?
Every now and then I have to put in a request to have a certain site added to the "okay" list.
|
|
|
|
|
Slacker007 wrote: Just curious as to why you need access to Lowes.com while working for your customer on your customer's system? Perhaps because his wife called and asked "can you pick that up from Lowes?" and he orders it on the website so he can pick it up on his way home?
Or because something happened and he really needs that thing from Lowes asap.
Or perhaps because he has a five minute break and Lowes is his thing.
Or maybe he has a heated discussion with a coworker who is absolutely certain something is not available at Lowes while he is absolutely certain it is.
There are plenty of reasons why a human being would visit the Lowes website during the day when he's awake and behind a computer.
If you want 8 hours of uninterrupted work in which no personal Lowes matters come up, hire a robot instead.
|
|
|
|
|
Is there a proxy on the customer's network?
I have seen this when a proxy exists, and all browsers send their HTTP and HTTPS connections through - if you do this, you have to install a certificate on the proxy. If that certificate does not exist or it is self-signed, you get those kind of warnings.
Which means the "secure" connection is then from local browser to proxy, and the proxy establishes a new secure connection between itself and the actual site. Of course it allows eavesdropping ... anyone with access to the proxy can read all requests/responses in cleartext even if HTTPS. But some companies do this.
|
|
|
|
|
I think you meant to reply to the OP, and not me.
|
|
|
|
|
This... the error is essentially exactly what's on the label.
Their proxy is re-encrypting the traffic and basically acting like a MITM. While it could just pass traffic back and forth, this means that is not what is happening.
Rather, two different certs are being used for the SSL traffic like nepdev2011 described. They have full control over one of them.
It doesn't definitely mean they're picking off the details of your Ashley Madison Lowe's use, just that they could be.
With all the work from home, I'd guess a bunch more people are seeing this error lately as companies work to shore up their security.
|
|
|
|
|
I'm NOT a networking expert so I don't know exactly how it's done, but I do remember some discussions about this sort of thing - I'd say "they" are substituting in their own cert so they can inspect the traffic even though it's encrypted - so you get that warning. In other words, a variation on the man-in-the-middle attack.
That's what I'm guessing is happening based on what you're getting.
|
|
|
|
|
That's what I'm thinking too. Old job did the same, and for whatever reason they could never figure out how to push cert updates to Firefox; so every time they fiddled with their MITM box I had to manually add the certs to my browser.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
|
|
|
|
|
nepdev2021's response above (and harvyk0's below) both paint a much better picture than I could as for the how. Seems obvious in hindsight.
|
|
|
|
|
Your client has apparently implemented a policy that eliminates most, if not all, of the trusted root certificates in their systems. It sounds like they're doing this by not allowing certificate chains to be processed at their firewall. My guess is they're either seriously paranoid, or they simply screwed up their firewall.
|
|
|
|
|
I'm going to side on the seriously paranoid, but I do think they screwed something up. I spoke to a coworker, and he has no issue going to several suggestions I gave him. His PC is in the corporate domain. I'm a consultant, so my laptop is not in the domain. There might be some implications there.
Interestingly, I do have a VM that is in their domain, and it still has these errors. When I hear back from IT, I'll follow up this post.
Charlie Gilley
<italic>Stuck in a dysfunctional matrix from which I must escape...
"Where liberty dwells, there is my country." B. Franklin, 1783
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
|
|
|
|
|
They have implemented SSL inspection on their Firewall (or Proxy).
Basically the connection is secure between the website you're visiting and their edge device but they failed to provide you with a copy of the root certificate used by their edge device.
Once you have the root certificate (and you actually trust the customers IT) then you'll cease getting that warning. At the same time however they have effectively man-in-the-middle attacked your connection, so what goes through that connection is a secret between you, the website your visiting, and your customer. Be wary of doing anything you'd actually want security for (eg Internet Banking).
|
|
|
|
|
|
Can it be that the customer's IT department was so busy with doing stuff they can to stop & think about whether they should? I swear, most policies in my company stem from someone eager to make themselves noticed. Meaning making wind.
|
|
|
|