Tom Glod wrote:

> On Fri, Jan 29, 2021 at 1:09 AM Richard Gaskin wrote:
>> The main benefit of encrypted sockets is to mitigate man-in-the-
>> middle attacks.
>> If you have a man in the middle of processes on a local computer that
>> isn't you, it would seem you have bigger concerns. ;)
> Hi Richard...the man in the middle attack is exactly the thing I was
> thinking of.

It seems I didn't write clearly.

With localHost the man in the middle is you, or someone else with physical access to your computer (which is more or less the same thing).

Given the old adage that physical access = root, I'm unable to think of a scenario in which encrypting localhost sockets is beneficial. Am I overlooking something? I'm no CISSP, so I may well be.

 Richard Gaskin
 Fourth World Systems
 Software Design and Development for the Desktop, Mobile, and the Web

use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription 

Reply via email to