SSL falls to spoofed certs/trust lists and or DNS poisoning to create MITM
attacks.
Cybercafes can run their own DNS and routing mechanisms, enabling the latter.
They run and manage their own browsers and trusted cert lists, enabing a fake
'root CA" cert to be laoded into browsers, enabing the former.
SSL is a dead duck in every environment unless DNS is known to be 100%
accurate, and no ARP sppofing tricks are happening.
yal
> On Apr 6, 2005 7:23 AM, Alvin Oga
> <alvin.sec_at_virtual.linux-consulting.com> wrote:
> > - anything sent over the internet is sniffable from
> > anywhere in the world
>
> Delurking just to mention that this isn't correct. Online banking (and
> other security-sensitive activities) aren't a good idea from shared
> sites like a cybercafe for all the reasons others have mentioned, but
> this isn't it. From my desktop here, I almost certainly have no way of
> sniffing your traffic to your bank, unless I happen to be somewhere
> along your path.
>
> I'd also like to know about SSL being broken. I think you mean one of
> the common ciphers is broken, which would be substantial news indeed.
>
> Your conclusion is right but your reasoning is completely wrong AFAICT.
>
> --
> Kyle Maxwell
> [krmaxwell_at_gmail.com]
--
Received on Apr 06 2005
Intro
