Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> In a corporate setting, mitm'ing TLS and blocking sites by category is routine practice

Deep packet inspection is a terrible practice in my opinion. It adds more security vulnerabilities than it typically helps avoid. I’ve seen one implementation use client software to extract keys from a machine to send to a centralized server. How some companies don’t see how this model can be easily exploited is beyond me. Me and a VP friend of an organization have had long debates about this topic and he insists it makes more sense for him because the employees have been more competent at the companies I’ve worked at than the company he managed (which could be true since his company had high turnover leading to many engineers being hired out of need rather than evaluated merit).



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: