05 Jan
Gogo Inflight Internet may be snooping on its users
Gogo Inflight Internet, the only way to access the Internet on nine major airlines, including Delta, American, U.S. Airways and Virgin Atlantic, apparently doesn’t think you need secure browsing.
Gogo, it turns out, has been intentionally issuing fake SSL certificates to its Internet users. That’s a pretty big security no-no: SSL certificates are basically designed to ensure that you’re connecting to a genuine site and not an imposter.
By forging these certificates, Gogo is itself acting as an imposter of sorts. When done with malicious intent, such an act is known as a man-in-the-middle attack—one in which an untrusted third party inserts itself in the middle of your communications to eavesdrop on conversations, copy messages or even interfere with traffic by blocking it or replacing real transmissions with fake ones.
The compromise was discovered by Adrienne Porter Felt, an engineer on the Google Chrome security team, when she found she was being served SSL certificates from Gogo while connecting to Google-owned YouTube during a flight.
Porter Felt tweeted that she believes Gogo is engaging in this user-unfriendly behavior to block streaming video, which Gogo explicitly doesn’t support—although, as Porter Felt noted, “there are better ways to do it.”