Attacking SSL and improved MITM attack
New Comment
Back
Man-in-the-middle attacks have been around for a long time. It's usually possible to trick a less-knowledgeable user to accept the browser warnings, leading to a successful SSL mitm attack and sniffing the traffic. Now this is possible even without any warning being displayed to the end-user. Here's the presentation from BlackHat conference. This attack won't work when you type "https" link into the address bar, but it is aimed at the fact that most SSL pages are accessed via either clicking a link or via redirection (302 response).
CommentsNew Comment
Back