United Wifi and MITM attacks on TLS

So, I was going to check my Email to my private IMAPS (TLS, port 993) mail server. And I get this warning about the certificate from my mail client (Apple Mail). Curious, I checked the certificate, and found this:

Server certificate
issuer=/C=  /ST=Some-State/O=Blue Coat SG900 Series/OU=4312240020/CN=
Now, this doesn't make a whole lot of sense. I know my certificate was not issued by this issuer. Who is that ? Well, Blue Coat SG900 is obviously a proxy of some sort, presumably a transparent (captive) proxy. But why would United care about my IMAP over TLS connection? What could they possible want to see? My email? Anti-virus? And, this is after I had paid the $8.99 (very reasonable) internet fees (so it should IMO not be captive any more).
Needless to say, I did not trust this certificate / MITM attack and therefore, unable to check my email. Very lame.


Note: This is the TLS handshake with the MITM proxy server:

Server certificate
issuer=/C=  /ST=Some-State/O=Blue Coat SG900 Series/OU=4312240020/CN=
No client certificate CA names sent
SSL handshake has read 1754 bytes and written 456 bytes
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: XYZ
    Master-Key: XYZ
    Key-Arg   : None
    Start Time: 1397924326
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)


tmux and SSH agents

I use tmux a fair amount, together with iterm2's support for control channels, it's amazing. However, when restoring sessions, and you rely on SSH agents, it can sometimes get wonky. The issue being that the shell sessions under the tmux session loses the agent connectivity. So I wrote this little shell script, which I run as part of logging in and starting (or restoring) a tmux session:

rm -f $MY_AGENT
tmux has-session > /dev/null 2>&1
if [ 0 -eq $? ]; then
    exec tmux -CC attach
    exec tmux -CC


It might not be perfect, I'm sure it could be automated better in some ways. But with this, naming the script "mux", I simply just run this command every time I want to connect to my tmux session. It'll figure out if it should attach to an existing session, or create a new one as well.


Subscribe to RSS - Security