Cable Forum - View Single Post - Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

bishbosh · 11-04-2008, 20:31

http://www.bbc.co.uk/blogs/technolog...ish_phorm.html

In the comments: A Possibility?

Webwise works by having a layer 7 switch intercept and impersonate the client and server requests on the network: -

You browse to a secure site

The switch takes this request and passes it to the site as its own, adding the Webwise cookie.

When the site responds with its public encryption key, the switch strips the public key for the site out, adds its own public key and forwards the request to you.

Even when you exchange a private key, the switch will also intercept this, (seeing it already has the public key) create its own private key and use its key to communicate with your 'secure' website.

Meanwhile, all this decrypted data is being forwarded into Webwise for 'processing'. This is the fatal flaw with SSL.

If your ISP or your network admin wants to 'snoop' on your browsing, they can.

Bear in mind that you can send certificates in the post on a USB stick, however, header information is NOT encrypted - so they can still see which sites you are visiting, even if they can't decrypt the traffic being sent.

11-04-2008, 20:31	#2935
bishbosh Inactive Join Date: Apr 2008 Posts: 4	Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797] http://www.bbc.co.uk/blogs/technolog...ish_phorm.html In the comments: A Possibility? Webwise works by having a layer 7 switch intercept and impersonate the client and server requests on the network: - You browse to a secure site The switch takes this request and passes it to the site as its own, adding the Webwise cookie. When the site responds with its public encryption key, the switch strips the public key for the site out, adds its own public key and forwards the request to you. Even when you exchange a private key, the switch will also intercept this, (seeing it already has the public key) create its own private key and use its key to communicate with your 'secure' website. Meanwhile, all this decrypted data is being forwarded into Webwise for 'processing'. This is the fatal flaw with SSL. If your ISP or your network admin wants to 'snoop' on your browsing, they can. Bear in mind that you can send certificates in the post on a USB stick, however, header information is NOT encrypted - so they can still see which sites you are visiting, even if they can't decrypt the traffic being sent.