0
I'm gonna ask a question which includes both SSL and VPN. Though, question is same for both.
For SSL, i logged into a forum which offers/supports SSL encryption for secure authentication.(like email services, banks did).That way, the data between me and server(if server is properly built in any cases and service is reliable)is secured and even ISP can't display it. Then, i started a thread as a registered member of that forum. Can other registered members display the thread content?
Same question is valid for the VPN as well. Can other registered members display the thread content?
If they can, where is the security on the content except login information case? (for VPN and SSL). I mean perhaps ISP at that moment can't examine it but members and web site owner see everything.
i mention the forum members. Can they display my content as long as they are not restricted from that forum (once SSL or VPN is used)? – Ozgun S – 2012-06-03T16:36:36.007
@OzgunSunal: Yes, you would need SSL / VPN to view the content if it is protected in that way. – Tamara Wijsman – 2012-06-04T15:42:49.043
1@TomWijsman In a corporate environment, where the company has both physical and administrative access to your computer (i.e., the ability to secretly install their own CA cert in the browser), an SSL interceptor can be used to sniff the plaintext sent over SSL. Companies like Bluecoat and Verdasys make SSL interceptors as part of their Data Loss Prevention tools. So I think some of your statements in this answer need qualification. They are too absolute in their wording. – Fran – 2012-06-10T22:46:45.157