[145283] in North American Network Operators' Group


Re: Facebook insecure by design

daemon@ATHENA.MIT.EDU (Jason Leschnik)
Mon Oct 3 12:10:41 2011

In-Reply-To: <4E889EE4.7090600@gmail.com>
Date: Tue, 4 Oct 2011 03:08:41 +1100
From: Jason Leschnik <leschnik@gmail.com>
To: William Allen Simpson <william.allen.simpson@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Mon, Oct 3, 2011 at 4:27 AM, William Allen Simpson <
william.allen.simpson@gmail.com> wrote:

> On 10/2/11 12:36 PM, Jimmy Hess wrote:
>
>> On Sun, Oct 2, 2011 at 10:38 AM, Michael Thomas<mike@mtcc.com>  wrote:
>>
>>> I'm not sure why lack of TLS is considered to be a problem with Facebook.
>>> The man in the middle is the other side of the connection, TLS or
>>> otherwise.
>>>
>>
>> That's where the X509 certificate comes in.   A man in the middle
>> would not have the proper private key to impersonate the Facebook
>> server that the certificate was issued to.
>>
> My understanding of his statement is that Facebook itself is the MITM,
> collecting all our personal information.  Too true.
>
>
I assume that any MITM is actually going to try and prevent our data from
making it to the end point, i.e. the real attacker.

-- 
Regards,
Jason Leschnik.

[m] 0432 35 4224
[w@] jason dot leschnik <at> ansto dot gov dot au<jason.leschnik@ansto.gov.au>
[U@] jml974@uow.edu.au
