
Because it’s easier that the server be MITMed for a shorter duration to prevent discovery[1]. It’s also easier if you can just strong-arm the CA to issue a certificate or have the shady CA issue it[2][3].

[1] http://notes.valdikss.org.ru/jabber.ru-mitm/

[2] https://www.wired.com/2010/03/packet-forensics/

[3] https://bugzilla.mozilla.org/show_bug.cgi?id=1391063


