Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Cyberoam has denied allegations by the Tor Project that its Deep Packet Inspection (DPI) boxes were “mass surveillance devices” capable of intercepting a wide range of traffic.
The security vendor was embroiled in controversy last week after Tor security researcher Runa Sandvik and OpenDNS’ Ben Laurie concluded its DPI units had intercepted traffic from a user from Jordan.
They discovered that the Unified Threat Management (UTM) units used shared certificates which users must accept to have their encrypted traffic scanned, ostensibly for security threats.
Users accepting the certificates could be scanned by any Cyberoam DPI unit, researchers said. Moreover, they claimed the private key could be extracted from the devices.
But Cyberoam fired back, stating its keys could not be extracted.
“.. theoretically it is possible to decrypt SSL data using a conned private key. Cyberoam UTM does not allow import or export of the foresaid private key used for the SSL-Bridging technology,” the company said on its blog.
“Cyberoam UTM either accepts or rejects, but does not store HTTPS Deep Scan Inspection data, as processing is done in real-time. The possibility of data interception between any two Cyberoam appliances is hence nullified.
“Having vindicated Cyberoam technology, we appreciate Tor for the awareness campaign.”
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
