That's right - nobody can do man-in-the-middle (that I've heard, anyway) on HTTPS, since everything is encrypted using TLS or SSL. If you get extremely lucky and catch the browser at the wrong moment, you can sniff the server key and browser key, but apart from that, it really depends on the strength of the server's key.
What they do is they spoof the certificate and point you to a hijacked webpage (us.etrade.com.mypaidhost.net), from which they can easily collect your login information. They then access your E*Trade account and have lots of fun with it, leaving you holding an empty bag.

That's my take on all of this.

- Robert

On Wed, 2007-10-03 at 15:39 -0400, Victor Duchovni wrote:
> On Wed, Oct 03, 2007 at 11:21:46AM -0600, [EMAIL PROTECTED] wrote:
>
> > Here is the URL they direct the victim to:
> >
> > https://us.etrade.com/login/challange/2b593cba/logon.htm
> >
>
> This is not the actual booby-trapped URL that users who click on the
> phishing links would use. You are not looking at the HTML source of
> the email.
