Skip to content

Top Best Ask Show New Jobs

Ask HN: How common or plausible are TLS MITM attacks?

2 pointsaphextron5y ago5 comments

In building a financial app, I've been thinking constantly about security. Ultimately everything comes back to TLS. If that's able to be compromised, there's almost no way I can think of to stay secure. How common or realistic is it to assume this could ever happen to my application?

5 comments

5 comments · 3 top-level

fffkkkhhh5y ago· 2 in thread

@aphextron are you aphex from ytmnd?

aphextronOP5y ago

lol yeah wow, who is this?

fffkkkhhh5y ago

ewok come post at rubycalaber i miss you man dont be like doc and dissapear inside a super man comic http://www.rubycalaber.com/forums/forum.php or ttheredpenn@gmail.com

Assuming that TLS will not be broken in transit is a common and reasonable assumption. The easiest way to break TLS is at the endpoints.

Implementation errors in your code, cert mis-issuance, errors in the underlying TLS implementation (certificate parsing and validation errors are quite common) and device compromise are all things to think about.

It might be useful to think about what is your responsibility versus the device vendor's responsibility versus the user's responsibility.

Assuming you aren’t certificate pinning, if someone gets access to the device unlocked for a moment, they can add their own cert to the device trust and you’re dead. This is a big deal if you’re building a kiosk type of thing but not so much if it’s a phone app.

The better approach is to assume your app will get MITMed and reduce how much damage the attacker can do.

j / k navigate · click thread line to collapse