Quote:
Originally Posted by pdurrant
In theory. In practice you're vulnerable to man-in-the-middle* attacks, especially relevant when accessing over someone else's wifi.
|
One of the reason PUBLIC wifi is especially vulnerable is that, while hackers probably are not focusing a tremendous amount of attention on YOUR home network in particular, they ARE paying attention to public wifi hotspots, because they know lots of less-than-security-conscious people sit there and do potentially interesting and valuable stuff. It's a target rich environment.
And they also know that, as trustworthy as your local cafe owner may be, he doesn't have the IT security resources to constantly monitor and defend against the latest threats, like, say, your bank, or Amazon, does (and even they get hacked).
BTW, does anyone know: Can a MitM attack be successfully executed, in the real world, if you check that the server shows a properly issued SSL cert? That is, assuming your browser is not compromised, if you actually check that the cert is issued to the correct domain from a trusted root, is there a legitimate chance of there being a MitM? I'm seriously asking because I'm not that versed in the implementation details of SSL or proxies.