1. It doesn’t matter what the odds are. When it happens the odds go to 100% making all the previous discussion moot. 2. Chrome and Safari have alternatives so what is the key point here? To keep the network secure or cater to a small group of users who obstinately refuse to give up their browser of choice? Is it management’s intent to hold corporate network security hostage to this small group of users?
From: David Lum Sent: Wednesday, July 31, 2013 10:07 AM To: NTSysADM@lists.myITforum.com Subject: [NTSysADM] man-in-the-middle attack I need to present management with the odds of this actually getting exploited, as I’d want to force TLS 1.2 for ADFS but that takes Chrome and more importantly Safari (iOS devices) out of the mix, so I suspect management might say “we want compatibility instead of protection from some obscure attack that is unlikely to happen. In short, what are the odds of a MITM attack actually happening between my remote employee and our ADFS server? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764