undefined | Better HN

0 pointsstcredzero17y ago0 comments

DNS poisoning enables a MITM attack even if you're connecting to your safe, legitimate domain.

0 comments

5 comments · 2 top-level

brlewis17y ago· 3 in thread

SSL throws all sorts of warnings if the cert doesn't match the domain.

The problem with Man in The Middle attack is that it's a fundamental problem. It's on the same level as the Two Generals problem. In a way it's a variation of it. The only way to deal with it is to have a 2nd channel. Everyone who has to deal with security would be well advised to actually study this, and not blithely wave it away:

http://www.webmasterworld.com/website_technology/3711575.htm

Read the whole thread and learn. SSL can only protect savvy users. Depending on how sensitive your data is, this can still be a problem.

Combining this with DNS poisoning would be particularly bad.

tptacek17y ago

This isn't true at all. Mutual key agreement between two unrelated parties talking for the first time is hard problem. SSL gets rid of that problem by having every participant in the system rendezvous with 10+ CA's before they talk to anyone.

The SSL problem is mutual key agreement between two related parties communicating for the first time, and it's an easy one to solve.

There is a really persistant meme that SSL breaks when the DNS breaks, because all that happens when your certificate doesn't match or verify is that you get a warning. That warning says SSL isn't working anymore. You're not supposed to click through it. Real applications that use SSL under the hood don't pop up warnings: they freak out and quit.

1 more reply

gojomo17y ago

OK, you agree SSL does protect savvy users from MITM attacks.

You're talking about users who can be tricked into what are essentially non-SSL or degraded SSL (certificates from untrustworthy authorities) sessions, because they misread the URL bar or ignore warnings. That's a legitimate concern, most users are easily tricked, but that's not a vulnerability of SSL itself.

1 more reply

tptacek17y ago

The certificate needs to match the domain and bear a signature chain that traces back to your root certificate store. SSL was designed to assume that the DNS is totally insecure, which of course it always has been.

j / k navigate · click thread line to collapse

0 comments

5 comments · 2 top-level

brlewis17y ago· 3 in thread

SSL throws all sorts of warnings if the cert doesn't match the domain.

stcredzeroOP17y ago

http://www.webmasterworld.com/website_technology/3711575.htm

Read the whole thread and learn. SSL can only protect savvy users. Depending on how sensitive your data is, this can still be a problem.

Combining this with DNS poisoning would be particularly bad.

tptacek17y ago

The SSL problem is mutual key agreement between two related parties communicating for the first time, and it's an easy one to solve.

1 more reply

gojomo17y ago

OK, you agree SSL does protect savvy users from MITM attacks.

1 more reply

tptacek17y ago

j / k navigate · click thread line to collapse