I have read an interesting article about session recording.
There are quite a lot of companies offering such services; see an (incomplete) market overview here.
Now I got curious, because the list compiled by Princeton University only covers the Alexa top 10000 websites.
I now ask myself, is it possible to locally fake SSL connections?
My idea is to locally redirect/fake the DNS data so that every request to these session recording companies' servers gets redirected to a locally jailed web server, which could then decrypt the spy packets using the fake DNS/SSL information to find out the referers etc.
The idea behind this is to build a kind of "data collector daemon" that detects when sites try to record your sessions.
So you can discover, using the "data collector's" web interface, which of the sites you visit are/were trying to keylog you, etc.
Edit:
To make clearer what I mean: this page contains a list of the dozen most "popular" session recording servers' host/domain names.
One can locally redirect requests to one of these hosts to one's own internal server.
As long as the requests are http only, it is no problem to find out the referer.
But if they are https, all data except the hostname are encrypted.
Thus it would be ideal if there is a way of creating a fake self-signed certificate that one can use to intercept, decrypt and disclose the contents of the referer fields etc.
Ideally this could be done as a collective effort, like collecting evidence reports of session recorder eavesdropping.
Why? Because I think people deserve to know who voyeurs them.
Edit 2:
Maybe another approach could be to modify the browser so that requests to these spy sites in the list are always done in http, making analyzing them easier.
Maybe a small plugin could be sufficient...
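
The plain-HTTP case described in the question, as an added example that is not part of the original post: a loopback-only collector that records which site triggered a request to a redirected recorder host. The hostnames are constructed placeholders, and it assumes the listed hosts have already been pointed at 127.0.0.1 (for instance in the hosts file).

```python
"""Local collector: log which page caused a request to a redirected recorder host."""
from collections import defaultdict
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Constructed placeholder names; in practice these would be the hosts from the
# list the post refers to, each redirected to 127.0.0.1 (assumption).
RECORDER_HOSTS = {"recorder.example", "cdn.replay.example"}

sightings = defaultdict(set)  # recorder host -> sites that embedded it


def record(host_header, referer):
    """Store one sighting; return (recorder, embedding_site), or None if unlisted."""
    # Normalise the Host header: drop port, case and trailing dot.
    host = (host_header or "").split(":")[0].strip().lower().rstrip(".")
    if host not in RECORDER_HOSTS:
        return None
    # Keep only the hostname of the referring page, not the full URL.
    site = urlsplit(referer or "").hostname or "(no referer)"
    sightings[host].add(site)
    return host, site


def report():
    """Return {recorder host: sorted list of sites seen loading it}."""
    return {h: sorted(s) for h, s in sorted(sightings.items())}


class Collector(BaseHTTPRequestHandler):
    def _handle(self):
        record(self.headers.get("Host"), self.headers.get("Referer"))
        self.send_response(204)  # empty reply: nothing is served back to the page
        self.end_headers()

    do_GET = do_POST = _handle

    def log_message(self, *args):  # silence the default access log
        pass


if __name__ == "__main__":
    # Port 80 needs elevated privileges; bind to loopback only.
    HTTPServer(("127.0.0.1", 80), Collector).serve_forever()
```

Pages loaded over HTTPS normally send no Referer to a plain-HTTP destination and often block such requests as mixed content, so many sightings will fall into the "(no referer)" bucket.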