Full Disclosure
mailing list archives
Re: FD / lists.grok.org - bad SSL cert
From: Tim <tim-security () sentinelchicken org>
Date: Mon, 5 Jan 2009 12:47:20 -0800
> It's *slightly* better, in that it guards against passive sniffing attacks
> on the data in transit. You're right that it doesn't guard against an
> active MITM attack.

How is that better, really? Run tcpdump or ettercap... Either of the
tools is off the shelf. It doesn't take a great deal of skill for
either. Just because a piece of software is doing an extra step or
three doesn't mean an attacker has to do significantly more work.

O(1) + O(1) = O(1)

What modern networks don't permit active modification of packets in
realtime if you have the right access to the data? I can conceive of
some hypothetical radio broadcast or other physical media which, if
carefully designed, could make MitM attacks difficult by virtue of the
media itself (along the lines of a poor man's quantum crypto line), but
I don't know of any in use. Do enlighten me if you do.

cheers,
tim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/