Mitm ssl vulnerability

Discussion in 'macOS' started by sadsadsadsa, Feb 22, 2014.

  1. sadsadsadsa macrumors newbie

    Joined:
    Jan 9, 2014
    #1
    I don't understand how someone on the same network can intercept your private information?
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #2
    You can read a bit about it here.

    Basically it allows someone on the same network (like say on Starbuck wifi) to pose as the target web site to intercept your login information. So you think you are logging in to Bank of America, for example, when you are really logging into the hackers web page made to look like the Bank of America web site and they now have your banking password.

    Ordinarily the SSL certificate would tell you the fake cite is not legit, but this recent security flaw allows the hacker to get around that safeguard.
     

Share This Page