On Tue, Jul 7, 2009 at 4:03 AM, Aryeh Gregor <[email protected]<simetrical%[email protected]> > wrote:
> But really -- have there been *any* confirmed incidents of MITMing an > Internet connection in, say, the past decade? Real malicious attacks > in the wild, not proof-of-concepts or white-hat experimentation? I'd > imagine so, but for all people emphasize SSL, I can't think of any > specific case I've heard of, ever. It's not something normal people > need to worry much about, least of all for Wikipedia. > Public congresses, schools without protection for ARP spoofing (I got 0wned this way myself), maybe corporate networks w/o proper network setup... they all allow sniffing or in-line traffic manipulation. Not that uncommon attacks, and when you know the colleague you do not like is WP admin, you simply have to wait for him to visit WP logged in, and you have either his pass or the cookies. Marco -- VMSoft GbR Nabburger Str. 15 81737 München Geschäftsführer: Marco Schuster, Volker Hemmert http://vmsoft-gbr.de _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
