I don't know OSX very well these days. Is that... is that actually installing a new global SSL trust root? Doesn't that mean ProtonMail now can seamlessly MitM all SSL connections on that machine?
Please tell me I'm reading that wrong, because I don't recall doing this for ProtonVPN on linux.
In the instructions they ask the user to "always trust" the cert for all use cases, including SSL. If you do that, any app that uses OS certs can be MITMed. It should be enough to trust the cert for IPSec only.
KirinDave|6 years ago
Please tell me I'm reading that wrong, because I don't recall doing this for ProtonVPN on linux.
deagle50|6 years ago