
I have a 1st generation iPad, and I usually use it for web browsing when I'm ho


Question

I have a 1st generation iPad, and I usually use it for web browsing when I'm home. The 1st gen iPad can't run newer versions of iOS (I'm stuck with iOS 5). I went to a website that tells if your SSL client is good or bad. My iPad has a bad SSL client. I have a computer that I use as a personal home server. The server has a good SSL client. I was wondering if I could connect my iPad to that server, and then the server would encrypt the connections for me. What I want to do is to use the computer as something like a proxy server, and the connections between the iPad and my proxy could be unsafe, because I trust my home network, but the connection between the proxy and the web would be safely encrypted. I tried using the Squidman proxy server, but I went to that website again and it told me that the SSL client was bad. So I think that perhaps the Squidman proxy server doesn't do the whole encryption process, and it leaves this job for the iPad SSL client, which is bad. How could I have a proxy server that handles the SSL encryption?

Explanation / Answer

Essentially, you're looking to conduct a man-in-the-middle attack against yourself. Squid newer than 3.1 offers a feature called sslbump that can perform this technique, where connections are decrypted then re-encrypted. You can use dynamic certificate generation to make certificates that match the hostname correctly, but you'll need to install the Certificate Authority from Squid on your iPad.

Now that I've answered your question, I'll go for the intent -- you're trying to make yourself more secure, but I'm not convinced you are. Did the SSL test site list specific attacks that your client is vulnerable to? What threats are you concerned about? Keep in mind that by proxying your connection, you're adding more complexity, and thus more attack surface, to your setup. If your proxy server gets compromised, then 100% of your traffic will be readable by the attacker. Also, you'll get no benefit from this setup if your iPad is not on your home network.
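The setup described in the answer, as an added `squid.conf` fragment that is not part of the original answer: it bumps TLS with dynamically generated certificates and pins the proxy-to-web leg to TLS 1.2 or newer. It assumes Squid 4 or later directive names (3.x releases name several of these differently); the file paths, helper location and LAN subnet are placeholders chosen for illustration.

```conf
# --- Listener the iPad is pointed at (explicit proxy, port 3128) ---
# tls-cert= is the locally created CA certificate plus private key in one
# PEM file (placeholder path). Squid signs a per-host certificate with it
# for every bumped connection, so the hostname matches what the iPad asked for.
http_port 3128 ssl-bump \
    tls-cert=/etc/squid/bump-ca.pem \
    generate-host-certificates=on \
    dynamic_cert_mem_cache_size=4MB

# Helper that mints and caches the per-host certificates.
# Its install path differs between distributions (assumed here).
# The database must be created once before the first start:
#   security_file_certgen -c -s /var/lib/squid/ssl_db -M 4MB
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/squid/ssl_db -M 4MB

# --- Bumping policy ---
# Peek at the client hello to learn the server name, then decrypt and
# re-encrypt everything.
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all

# --- Proxy-to-web leg: this is the handshake that replaces the iPad's ---
# Refuse anything older than TLS 1.2 towards origin servers.
tls_outgoing_options min-version=1.2

# The iPad now only ever sees certificates signed by the local CA, so the
# proxy is the only place origin certificates get validated. Fail closed.
sslproxy_cert_error deny all

# --- Limit exposure of the proxy itself ---
# Only the home LAN may use it (placeholder subnet).
acl lan src 192.168.1.0/24
http_access allow lan
http_access deny all
```

Only the CA certificate, never its private key, is installed on the iPad. The PEM file on the server holds that key and should be readable by the Squid service account alone, since anyone who obtains it can issue certificates the iPad will trust.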