Linked by Igor Ljubuncic on Mon 2nd Apr 2012 15:41 UTC
Features, Office You have just bought tickets to an exotic vacation spot. You board the flight, you land safely, you pull your netbook from your backpack, fire it up, and then check if there are any available Wireless networks. Indeed there are, unencrypted, passwordless, waiting for you. So you connect to the most convenient hotspot and start surfing. Being addicted as you are, you want to login into your email or social network just to check if something cardinal happened in the world during your four-hour flight. You're about to hit the sign in button. Stop. What you're about to do might not be safe.
Thread beginning with comment 512769
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Firefox and Chrome
by rhavenn on Tue 3rd Apr 2012 06:11 UTC in reply to "RE[2]: Firefox and Chrome"
rhavenn
Member since:
2006-05-12

Well, yeah. In some random "hotspot" that you pick up while on the road the scenario that a DHCP server and/or router is compromised or maliciously setup is rather high. That's the point.

So, getting a proxy setup where the user gets certificate warnings is trivial and most people "need" to check their facebook or whatever and would just click continue. Also, plenty of CAs around the world aren't all that great and you could probably finagle a trusted cert out of many of them and use something like Squid and its SSLbump feature to just invisible proxy the SSL traffic for you.

Reply Parent Score: 1