Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've never really been a fan of the whole "browser extensions" thing, with perhaps the exception of UI mods, and things like this only serve to reinforce that notion. I prefer to use a MITM filtering proxy, which works in all browsers and is independent of, so isn't beholden to, the authoritarian institutions which control them. Incidentally I also have a filter which does the same thing as his extension, and I probably added it the same day Google decided to mess with those links.


Good luck with that once hsts, cert pinning, and TLS 1.3 become more common.


MiTM proxying TLS 1.3 connections works just fine.

Browsers ignore cert pinning when the CA certificate was manually installed, so this is not a problem either.

I have no idea what HSTS is doing on your list.


> I have no idea what HSTS is doing on your list.

https://moxie.org/software/sslstrip/


We're talking about voluntarily installed proxy. Why would anyone want to mount an HTTPS stripping attack against themselves?


How carefully have you analyzed the MITM proxy you are using? Many have security holes and you may be opening yourself up to attacks. Modern browsers have placed a lot of effort into security, you may be undoing a lot of the transport security.


Which local proxy do you use?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: