[145258] in North American Network Operators' Group
Re: Facebook insecure by design
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Sun Oct 2 18:26:21 2011
In-Reply-To: <240172.1317592435@turing-police.cc.vt.edu>
Date: Sun, 2 Oct 2011 17:25:21 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Oct 2, 2011 at 4:53 PM, <Valdis.Kletnieks@vt.edu> wrote:
> On Sun, 02 Oct 2011 08:38:36 PDT, Michael Thomas said:
>> I'm not sure why lack of TLS is considered to be problem with Facebook.
>> The man in the middle is the other side of the connection, tls or otherwise.
> Ooh.. subtle. :)
Man in the Middle (MITM) is a technical term that refers to a rather
specific kind of attack.
In this case, I believe the proper term would be just "The man".
[Or "Man at the Other End (MATOE)"]; you either trust Facebook with
info to send to
them or you don't, and network security is only for securing the
transportation of that information
you opt to send facebook.
Yes, if Alice sends Bob an encrypted message that Bob can read, and
Bob turns out to
be untrustworthy, then Bob can sell/re-use the information in an
abusive/unapproved way for
personal or economic profit.
--
-JH
