On 12/21/20 1:08 AM, Ulrich Windl wrote:
On 12/20/20 4:17 PM, Morten Eyrich wrote:
Okay so if I have been using a https connection, then it's no
problem... ?
If they use a wrong certificate for a MITM attack they might decode your
connection... It means nobody between you and the "next endpoint" can
read your password, but how to ensure what the "next endpoint" really is?
Ulrich is right. First, look at the "certificate story". These are meant
ensuring that you can trust your endpoint. Certificates are
pre-installed in your browser, and one should check (and rarely does)
which ones to trust (and how much). Invented examples: If they are owned
by chinese or russian telecom company, do you trust it? State agencies
could intervene. Or british telecom (5eyes??). The actually used
hierarchical trust model might be a failure by design.
And then there are exploits. Example: some years ago Moxi Marlinspike
found the funny zero-byte error due to string handling: He proved that
you could buy for example the domain "com",0,"mand.org" and have the
trusted instances sign your subdomain google.com",0",mand.org" which
any firefox (at least) did recognise as valid certificate for google.com
since they considered the 0 byte as "end of string". You are not safe
from such type of exploits.
Conclusion as usual: if your life depends on it, do not trust https.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/0c487860-2a84-1a50-a3ed-29e47597011e%40web.de.
