[PLUG] wifi security
Joe Pruett
joey at clean.q7.com
Wed Feb 25 17:52:33 UTC 2009
> Still, it's difficult to know for sure that any given public wifi
> network hasn't had DNS spoofed -- pointing to rogue servers that can
> launch man-in-the-middle attacks, for instance.
if you don't accept bogus certificates and we trust the ssl certificate
authorities, ssl is supposed to be immune to man in the middle attacks.
the middle host wouldn't be able to forge a handshake for the domain
you're trying to connect to.
i guess there are some human factor issues that can crop up. getting
redirected to micr0s0ft.com and not noticing that the url isn't what you
expected.
More information about the PLUG
mailing list