Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes. My university was using Fortigate back in the day and it had 3 behaviours

-Allow with no mitm (trusted sites)

-Block with no way around it(all residental IPs, pornsites)

-Allow but mitm the connection. The browser would present the classic ERR_UNKNOWN_ISSUER warning that most people would ignore. I couldn't figure out what criteria decided that a certain site needs the mitm treatment.



Ah yes, exactly the kind of intellectual freedom to explore and tinker you'd want to flourish at a university. Better block it! Wild guess: US?


>Wild guess: US?

Hungary.

My theory is that it was installed to curb filesharing and then it snowballed into generic blocking of various things on the university network.

>intellectual freedom to explore and tinker you'd want to flourish at a university.

Ah that sounds sweet. Reminds me of the anecdotes I read from the pioneer age of computing that people tell here sometimes. Well, the place I studied at was nothing like that. >_>


Eh, if you care about privacy you shouldn't be browsing porn without a VPN or tunnel to a trusted server, "intellectual freedom" or not


In theory, if the tls connection wasn't tampered with, i.e the cert issuer is a party you trust, it shouldn't be a problem apart from the dns query.


I was referring to residential IPs.


Yep, by far that was the biggest PiA because I was hosting a lot of things at home.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: