0

I have been given a laptop with pre-installed software and I am connecting to the internet on it via company wifi.

When I am accessing a secure website using https, I want to ensure that the LAN admin is not snooping my data. If I understand right,snooping could be possible if certficates in my browser are compromised (for example, by adding a certifying authority certificate, using which a man-in-the-middle will be able to issue self-signed certificates).

My question is, is there a quick way to check if the certificates recognized by my browser (Firefox, Chrome) are the default ones, and haven't been tampered with?

The next level would be checking that the keys in my Ubuntu's apt system are also not tampered. But that would make for another question I guess.

Improve this question

1 Answer 1

Reset to default
1

If you are using FireFox then you can use the Certificate Patrol add-in. Set it to warn on new and changed certificates. Then check each warning and accept the certificate.

Improve this answer
2
  • Thanks, this helps. Though it doesn't directly address my concern, as I want to check for pre-installed malicious certificates as well.
    – HRJ
    Commented Oct 4, 2012 at 10:03
  • IIRC you can tell CP to initially not accept any certs. Which means you'll get a lot of prompts in the beginning ;-)
    – Jan Doggen
    Commented Oct 4, 2012 at 13:55

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .