Hacker News new | past | comments | ask | show | jobs | submit login

"Snooping a connection (i.e. on a wireless link) is much easier than any of the impersonation attacks that SSL authentication prevents."

I wouldn't be so sure about that.




> I wouldn't be so sure about that.

Umm, I would. Running Wireshark or tcpdump to sniff traffic over the wire is easy, and analysis can be done offline at the attacker's leisure.

Hijacking DNS and phsishing for users' login credentials to other sites requires a lot more preparation, and in most cases, prior selection of the desired target sites.


(1)

An attacker in Estonia manages to compromise a single DNS cache serving a residential cable ISP in Tuscon, AZ. Without SSL in the way, she now owns several thousand bank account logins and Yahoo Mail passwords.

(2)

An attacker in Estonia manages to compromise a single DNS cache serving a residential cable ISP in Tuscon, AZ. With SSL in the way, she now owns several bank account logins and Yahoo Mail passwords.


In most cases where you can run Wireshark to sniff someone's traffic you're probably just steps away from performing a man in the middle attack.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: