1 |
On 161217-20:56-0500, Walter Dnes wrote: |
2 |
> I'm running Pale Moon. In an xterm, I did... |
3 |
> |
4 |
> export SSLKEYLOGFILE=/dev/shm/sslkeylogfile.txt |
5 |
> |
6 |
> ...and launched Pale Moon manually from the commandline. nd visited a |
7 |
> couple of https sites. I did get /dev/shm/sslkeylogfile.txt which |
8 |
> begins with the line... |
9 |
> |
10 |
> # SSL/TLS secrets log file, generated by NSS |
11 |
> |
12 |
> Following that are a bunch of lines starting with... |
13 |
> |
14 |
> CLIENT_RANDOM |
15 |
> |
16 |
> ...followed by a space, followed by 161 random hex-numeric characters |
17 |
> i.e. [0-9a-f]. |
18 |
> |
19 |
> I also saw a line beginning with... |
20 |
> |
21 |
> RSA |
22 |
> |
23 |
> ...followed by a space, followed by 113 random hex-numeric characters |
24 |
> i.e. [0-9a-f]. |
25 |
|
26 |
The very usual and familiar text that I take all --really all-- the |
27 |
time. Ever since I was pwned: |
28 |
System attacked, Konqueror went on window-popping spree! |
29 |
https://forums.gentoo.org/viewtopic-t-905472.html |
30 |
( |
31 |
Ah, and my Vimeo videos are back; not the Youtube ones, and it happened |
32 |
relatively recently that my vimeo videos are back, linked from that |
33 |
five, 5, years old topic on Gentoo Forums, as I informed here when they |
34 |
too were removed: |
35 |
https://forums.gentoo.org/viewtopic-t-905472-start-25.html#7881412 |
36 |
|
37 |
Plus, no way for me to update the Forums, since some people, like one of |
38 |
the Site Admins there, really don't like me: |
39 |
Was I really hijacking topics from other members? |
40 |
https://forums.gentoo.org/viewtopic-t-1041614.html |
41 |
Ctrl-F "your account has been banned.", currently still the very last |
42 |
line, date was: "Posted: Fri Apr 01, 2016 3:14 am" |
43 |
) |
44 |
|
45 |
[Ever since I was pwned], I inquired a lot about this capabilitiy, and |
46 |
some btwn 1 and 2 years ago I learned that since some times 2013 or |
47 |
around there (so I was just around 2 years late from the beeding edge |
48 |
development), Wireshark can read what Firefox SSL-keys captures, and |
49 |
since then I capture SSL-keys all the time time. |
50 |
|
51 |
> If you plan to do this regularly, your program launcher will need to |
52 |
> launch bash scripts with seperate filenames for each profile. Maybe |
53 |
> append date-time stamp to filenames to avoid multiple sessions |
54 |
> overwriting each other. |
55 |
In Firefox, you just need very little settings on the outside, : |
56 |
https://wiki.wireshark.org/SSL |
57 |
> |
58 |
> As for privacy, there are the usual features, like... |
59 |
> |
60 |
> * asking sites to not track (don't trust that) |
61 |
> * control of which sites to accept/refuse regular cookies, and 3rd-party |
62 |
> cookies, from |
63 |
> * whether or not to clear browsing and download history |
64 |
> * private browsing session |
65 |
I think some of the suggested extensions/addons here: |
66 |
https://wiki.gentoo.org/wiki/Tor |
67 |
(sadly) use Australis I currently have eff-https everywhere, |
68 |
RequestPolicy-continued, Privacy Badger, NoScript and Agent Spoofer. |
69 |
Some of them, I read (but don't remember which ones), use Australis... |
70 |
|
71 |
But... |
72 |
> -- |
73 |
> Walter Dnes <waltdnes@××××××××.org> |
74 |
> I don't run "desktop environments"; I run useful applications |
75 |
> |
76 |
...But thanks, why was this so hard to tell... See there in the Pale |
77 |
Moon forums, nobody replied (yet)... |
78 |
|
79 |
How come people are so little interested to read the traffic? |
80 |
|
81 |
I have all kinds of traces posted ( |
82 |
far from expert talk, but still |
83 |
useful stuff in somebody wants to learn to read the traffic of his own: |
84 |
http://www.croatiafidelis.hr/foss/cap/ |
85 |
)... |
86 |
|
87 |
How come people are so little interested to read the traffic, to learn |
88 |
how sites behave which they visit, and often to discover what sites |
89 |
really do to them? |
90 |
|
91 |
I'll go and inquire at the Pale Moon forum about the issues above, and |
92 |
will post there this exact question above, I think. |
93 |
|
94 |
Also, if this is really true, the Wireshark SSL wiki (the link above) |
95 |
needs to be updated... |
96 |
|
97 |
And more, wait... |
98 |
|
99 |
Wait... Did you need to patch the nss library to get the $SSLKEYLOGFILE |
100 |
being written to? Like in this bug: |
101 |
|
102 |
>=dev-libs/nss-3.24 - Add USE flag to enable SSL key logging |
103 |
https://bugs.gentoo.org/show_bug.cgi?id=587116 |
104 |
|
105 |
Did you? (That's about the only patch there, that I submitted to |
106 |
Bugzilla anywhere ;-) btw.) |
107 |
|
108 |
I'm puzzled... And overwhelmed with work, because I must now find time |
109 |
to install and set Pale Moon to the (SSL) traffic (and I'm really a slow |
110 |
worker). |
111 |
|
112 |
(Still half-disbelieving... so surprised I am.) |
113 |
-- |
114 |
Miroslav Rovis |
115 |
Zagreb, Croatia |
116 |
http://www.CroatiaFidelis.hr |