Please be aware of this situation and the potential effect these certificate trust changes will have on browsing for you, your customers, and your business environment.
This is a very lucid explanation of the Dell self-signed certificate issue that has spread across the IT security sites and forums the last couple of days. It is being compared to the Lenovo Superfish debacle of earlier in the year, but Dell’s issue appears to be less diabolical and easier to remedy.
This story has been floating around the Internet for a few days and I have even re-tweeted it on at least one occasion. I wanted to take moment and add my thoughts to the mix. I do not understand why GoGo would choose the route of certificate spoofing to tackle the problem of controlling streaming on flights. There are numerous other legitimate solutions that could have been deployed. I am fairly certain this was a result of cost and speed to implementation. Unfortunately, Gogo’s credibility has taken a hit in the process. Perception is reality when using a MitM technique to throttle traffic.
This is an interesting concept and certainly has the potential to significantly impact the commercial cert market. I agree that there are potential privacy concerns for a public service based in the US susceptible to subpoenas.