

Analysis of Chinese MITM on Google - ndesaulniers
http://www.netresec.com/?page=Blog&month=2014-09&post=Analysis-of-Chinese-MITM-on-Google

======
iancarroll
Funny that the certificate is signed using MD5 and wouldn't have worked
regardless of being signed by anyone or the CN being correct.

~~~
netresec
The purpose of the "Great FIrewall of China" is to censor the Internet, i.e.
the intention of this MITM doesn't seem to be to covertly spy on the
University user's searches.

A self signed X.509 cert is enough in order to see what they are searching for
and to block/RST queries for topics like "Tiananmen Square protests". The CH
authorities don't care if users notice the MITM in this case.

------
ndesaulniers
This plus cache poisoning via service workers.

