In reply to Heather.

There’s a reason people log in to their servers a certain way (using both encryption and certificates to validate both sides): it’s a defense against MitM attacks. Attacks like this happen all the time. What was interesting about this one in particular is that it almost has to be local to Rackspace…’cause if it’s not, that’s worse. If Rackspace admitted to doing this sort of thing on their own initiative they’d probably go out of business pretty quickly. So it’d be fun to know exactly what was going on, but I don’t think I ever will.

In reply to Heather.

Ha. This strikes you as loony? Strikes me as malfeasance by Rackspace or one of their employees…or the federal gov’t. My personal opinion: somebody at Rackspace installed something he/she shouldn’t have, possibly without understanding its implications…I mentioned it…and it got turned off. That’s the most charitable interpretation, and I think it’s probably about right. But the situation could easily be worse than that.

A friend wrote to tell me the state of Alaska & a corporation he worked for had both tried the same sort of thing on users of their networks (only intercepting/decrypting/logging outbound traffic, rather than inbound–and yes, using Blue Coat). And here’s Bruce Schneier on how the NSA has done this very thing, only vs. Google rather than Rackspace: https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html

The stuff I pointed out is business-as-usual for a certain crowd of folks. Rackspace itself failed to react with reasonable concern, which leads me to conclude they know all about it. They also failed to explicitly deny knowledge.

yanno what also popped into my head reading all this?

Someone’s making you look like a loon.

NOT good.

Heather, unencrypted *grin*