  cdru Go Colts Premium,MVM join:2003-05-14 Fort Wayne, IN | Am I missing something?
So how does having this "notary" prevent a man in the middle attack? If there is a man in the middle between me and my bank, for instance, why can't that same man be between this notary and my bank? |
|
  GOLFnSUN Enjoy the sun Premium join:2002-03-03 Avalon, NJ
| said by cdru: So how does having this "notary" prevent a man in the middle attack? If there is a man in the middle between me and my bank, for instance, why can't that same man be between this notary and my bank?
See pages 7 thru 9 of their paper where they discuss the statistical odds against pulling off a MITM attack against the client and also against the MULTIPLE notaries at the same time. »www.cs.cmu.edu/~perspectives/per···ix08.pdf |
|
  knightmb Everybody Lies
join:2003-12-01 Franklin, TN
| reply to cdru said by cdru: So how does having this "notary" prevent a man in the middle attack? If there is a man in the middle between me and my bank, for instance, why can't that same man be between this notary and my bank?
It's based on the system of "how have things been" and "how have things changed".
If your bank has always used the same certificate that doesn't expire for 8 years and one day at a coffee shop, the certificate has completely changed, but is still "valid" as a MITM attack would do, it throws up an alert. It won't protect you from a MITM attack on the first ever visit to your banking website, only those afterward.
It's part of the problem computers have that humans tend to be better at. That's complete trust of strangers. If things look fishy, we get suspicious. Computers, they don't care, if 2 > 1, then they are happy. For us, when we see 2 > 1.5 we ask why 1.5 instead of 1 like before? |
|
  Viper007Bond Premium join:2002-09-26 Portland, OR | Actually, it would protect you on the first connect assuming someone else has connected to the site before. The trusted servers keep a history of known certs over time. |
|
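A simplified model of the check discussed in this thread, added here as an example (it is not code from the Perspectives project or from any poster): the client asks several notaries what key each has seen for the site, and accepts only if a quorum has seen the offered key both recently and over a long period. The quorum size, minimum key age, freshness window, notary names and fingerprints are assumptions constructed for illustration.

```python
from dataclasses import dataclass

HOUR, DAY = 3600, 86400

@dataclass(frozen=True)
class Observation:
    fingerprint: str  # key fingerprint the notary saw from its own network path
    first_seen: int   # unix time of the first sighting
    last_seen: int    # unix time of the most recent sighting

def notary_vouches(history, offered, now, min_age, freshness=2 * DAY):
    """One notary vouches if it saw the offered key recently and for long enough."""
    for obs in history:
        if obs.fingerprint == offered:
            recent = now - obs.last_seen <= freshness
            long_lived = obs.last_seen - obs.first_seen >= min_age
            return recent and long_lived
    return False  # this notary has never seen the offered key

def evaluate(offered, histories, now, quorum, min_age=7 * DAY):
    """Return (verdict, votes). Needs no local history, so it works on a first visit."""
    votes = sum(notary_vouches(h, offered, now, min_age) for h in histories.values())
    return ("accept" if votes >= quorum else "warn", votes)

# Constructed sample data: three notaries, one long-lived site key.
NOW = 1_220_000_000
GOOD, EVIL = "aa:11:22:33", "ee:99:88:77"
CLEAN = {name: [Observation(GOOD, NOW - 400 * DAY, NOW - HOUR)]
         for name in ("notary-a", "notary-b", "notary-c")}
# The path between notary-c and the site has also been intercepted since yesterday.
ONE_PATH_HIT = dict(CLEAN)
ONE_PATH_HIT["notary-c"] = [
    Observation(GOOD, NOW - 400 * DAY, NOW - 3 * DAY),
    Observation(EVIL, NOW - DAY, NOW - HOUR),
]

if __name__ == "__main__":
    print(evaluate(GOOD, CLEAN, NOW, quorum=2))         # usual key, all notaries agree
    print(evaluate(EVIL, CLEAN, NOW, quorum=2))         # coffee-shop substitution
    print(evaluate(EVIL, ONE_PATH_HIT, NOW, quorum=2))  # one notary path also intercepted
```

Intercepting the client and a single notary path still leaves the substituted key short of the quorum, and the age requirement rejects it even at the notary that did see it.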