Snowden on the Twitters

[Oshwm]

It is behind Cloudflare's MiTM service which adds web services names to their existing certs as alternative Names.

So your SSL/TLS connection is terminated on Cloudflare's web application firewalls and NOT the web servers that you think is terminating it.

Given CF handle over 4% of web traffic it is a great place to collect and collate what was encrypted traffic for monitoring and anti-privacy purposes.

Cheers,
Oshwm.

On 30 September 2015 07:25:42 BST, Georgi Guninski <guninski at guninski.com> wrote:
>On Wed, Sep 30, 2015 at 01:26:18AM -0400, grarpamp wrote:
>> https://twitter.com/Snowden
>
>https://freedom.press/ of which Snowden is director has weird
>certificate, sharing a lot of Alt names:
>
>
>Alt names for ssl7272.cloudflare.com (freedom.press certificate):
>
>DNS Name: ssl7272.cloudflare.com
>DNS Name: *.beauty88.com.cn
>DNS Name: *.beauty88.com.tw
>DNS Name: *.betteroff.net
>DNS Name: *.elderslie-babylon-fastfood.com
>DNS Name: *.elfourno.com
>DNS Name: *.errolskebabhouse.com
>DNS Name: *.everestbhansaghar.com
>DNS Name: *.everestdine.com
>DNS Name: *.expresskebabcrayford.com
>DNS Name: *.fafawispizza.com
>DNS Name: *.familykebab.com
>DNS Name: *.familykebabhouse.com
>DNS Name: *.fanellispizza.com
>DNS Name: *.fanellistakeaway.com
>DNS Name: *.farsleyfastfood.com
>DNS Name: *.fastfoodstoke.com
>DNS Name: *.favoritechickengrays.com
>DNS Name: *.favourfastfood.com
>DNS Name: *.freedom.press
>DNS Name: *.harpqualified.com
>DNS Name: *.haykobagdat.com
>DNS Name: *.helptohelp.se
>DNS Name: *.mcmistanbul.com
>DNS Name: *.ploughinn.com.au
>DNS Name: *.seomate.com
>DNS Name: *.zenithsecure.com
>DNS Name: beauty88.com.cn
>DNS Name: beauty88.com.tw
>DNS Name: betteroff.net
>DNS Name: elderslie-babylon-fastfood.com
>DNS Name: elfourno.com
>DNS Name: errolskebabhouse.com
>DNS Name: everestbhansaghar.com
>DNS Name: everestdine.com
>DNS Name: expresskebabcrayford.com
>DNS Name: fafawispizza.com
>DNS Name: familykebab.com
>DNS Name: familykebabhouse.com
>DNS Name: fanellispizza.com
>DNS Name: fanellistakeaway.com
>DNS Name: farsleyfastfood.com
>DNS Name: fastfoodstoke.com
>DNS Name: favoritechickengrays.com
>DNS Name: favourfastfood.com
>DNS Name: freedom.press
>DNS Name: harpqualified.com
>DNS Name: haykobagdat.com
>DNS Name: helptohelp.se
>DNS Name: mcmistanbul.com
>DNS Name: ploughinn.com.au
>DNS Name: seomate.com
>DNS Name: zenithsecure.com

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 5237 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20150930/e9351e0b/attachment-0002.txt>