Bernie Sumption wrote, On 2008-11-06 03:57: > Graham, Nelson, Eddy, you all make good points. > > I'll take your word for it that it's impossible to detect MITM attacks > with 100% reliability, as I said I'm not a security expert. > > How about an MITM detection service that gives no false positives, but > might give false negatives?
I don't think that's possible, either. It is possible in the Internet to setup different physical servers around the globe, all of which appear to users on different parts of the Internet to be the same server. This technology can be used for good or for evil. It is my understanding that this is how "Content Distribution Networks" like Akamai work. But obviously it can also be used to perform MITM attacks. The only difference between a CDN server and an MITM attacker is the presence or absence of authorization given to the alternative site operator by the true & rightful owner of the site. I doubt that the presence of that authorization can be detected by the likes of "perspectives". > If you positively identify an MITM attack, you can present users with a > much more definite UI saying "this *is* an MITM attack" and giving advice > about what to do in the event of an MITM. If we create an error display that says "No kidding, this absolutely is an attack and we're stopping you cold to protect you from it." it seems unavoidable that users will learn to treat the absence of such an unbypassable error display as proof to the contrary, proof that the site is genuine and verified. Do we want to train them that way? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
