RE: The Computer Thread
March 4, 2014 at 1:30 pm
(This post was last modified: March 4, 2014 at 1:31 pm by Autumnlicious.)
Secured connections will fail to verify in an event of a DNS rewrite attack. Only unsecured connections are really vulnerable to the hijacking this creates. Or ones that override/ignore the SSL error.
This is a form of a man in the middle attack, except the man is your router.
Furthermore, if you use a browser like Google Chrome which has visited the site with specific headers presented, then it will refuse to allow any SSL stripping attack (What one usually does to hijack SSL sessions during a man in the middle attack) even if you remove subsequent headers from future connections to that site. Some browsers come with a prepackaged list of websites that must always have SSL/TLS enabled.
Google is one of those candidates.
So the articles fear of getting a "bad Google" is completely unfounded. Other sites that are unsecured are vulnerable to MITM though.
I hate really stupid analogies when they simply cannot work technically due to current configuration.
This is a form of a man in the middle attack, except the man is your router.
Furthermore, if you use a browser like Google Chrome which has visited the site with specific headers presented, then it will refuse to allow any SSL stripping attack (What one usually does to hijack SSL sessions during a man in the middle attack) even if you remove subsequent headers from future connections to that site. Some browsers come with a prepackaged list of websites that must always have SSL/TLS enabled.
Google is one of those candidates.
So the articles fear of getting a "bad Google" is completely unfounded. Other sites that are unsecured are vulnerable to MITM though.
I hate really stupid analogies when they simply cannot work technically due to current configuration.
Slave to the Patriarchy no more