man in the middle, SSL
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Sat Feb 3 16:18:53 EST 2007
[I prefer to keep discussions on-list where possible. CCing the list.]
Beryllium Sphere LLC wrote:
> Bruce Schneier pointed out years ago that it's trivial for a virus
> or Trojan to add a new trusted CA to the browser's list of trusted
> roots. At least one "advertising support web accelerator" installs
> itself in the browser configuration as a peer of Verisign and can
> then proxy SSL without any warning to the user.
Right. I was talking about the kind of MITM where an attacker is
physically between your machine and the SSL destination, such as sitting
on your network's egress. MOYM (man on your machine) attacks are a bit
of a lost cause with most modern OS environments, though I've been
working pretty hard to try and change that on the One Laptop per Child
machines.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list