undefined | Better HN

0 pointsphaer12y ago0 comments

If a random attacker in your local network can do that easily you should talk to your bank about SSL or change to one that actually knows basic internet technology.

SSL should be assumed as broken for defence against government surveillance but it still keeps the most common attackers out.

0 comments

1 comments · 1 top-level

joe_the_user12y ago

SSL depends on dns and so is broken when someone has compromised your local router. Yeah, that's a pretty bad weakness but it's just sitting there and indeed that's what the NSA supposedly used against Petrobras.

j / k navigate · click thread line to collapse