Ge0rG on Nostr: Detailed and credible looking report of #LawfulInterception #MitM on an #xmpp server ...
Detailed and credible looking report of #LawfulInterception #MitM on an #xmpp server hosted at #Hetzner in Germany:
http://notes.valdikss.org.ru/jabber.ru-mitm/Looks like a transparent bridge was deployed in front of the actual server, obtained dedicated certificates from #LetsEncrypt and MitMed all incoming client connections since July. It was discovered because the LE certificate expired 🤦
Published at
2023-10-20 13:52:40Event JSON
{
"id": "770f423ff229134c7d6844d07a6e0b3cf4f25122d0328198269f2d8bb524da60",
"pubkey": "5877dfa3748424b003c3ecf0c6d9fb3ddcda0a8b86bcb45435d0fa092cc873c0",
"created_at": 1697809960,
"kind": 1,
"tags": [
[
"t",
"lawfulinterception"
],
[
"t",
"mitm"
],
[
"t",
"xmpp"
],
[
"t",
"hetzner"
],
[
"t",
"letsencrypt"
],
[
"proxy",
"https://chaos.social/users/ge0rg/statuses/111267673570849699",
"activitypub"
]
],
"content": "Detailed and credible looking report of #LawfulInterception #MitM on an #xmpp server hosted at #Hetzner in Germany: http://notes.valdikss.org.ru/jabber.ru-mitm/\n\nLooks like a transparent bridge was deployed in front of the actual server, obtained dedicated certificates from #LetsEncrypt and MitMed all incoming client connections since July. It was discovered because the LE certificate expired 🤦",
"sig": "be522376736ffd67e3d7913e62e2594505064c5a278d8807ef711ae8169b1bdff66567a87111b3d3c022a70ea0c8f3e6f3704be112bcb8b3c4d1e570086a4afd"
}
