Getting in the middle of a connection – aka MITM – is trivially easy

One of the things the SSL/TLS industry fails worst at is explaining the viability of, and threat posed by Man-in-the-Middle (MITM) attacks. I know this because I have seen it first-hand and possibly even contributed to the problem at points (I do write other things besides just Hashed Out).

Obviously, you know that a Man-in-the-Middle attack occurs when a third-party places itself in the middle of a connection. And so that it can be easily understood, it’s usually presented in the simplest iteration possible—usually in the context of a public WiFi network.

But there’s a lot more to Man-in-the-Middle attacks, including just how easy it actually is to pull one off.

So today we’re going to unmask the Man-in-the-Middle, this article will be a precursor to a future white paper by that same name. We’ll talk about what a MITM is, how they actually occur and then we’ll connect the dots and point out just how important HTTPS is in defending against this.

Let’s hash it out.

The post Executing a Man-in-the-Middle Attack in just 15 Minutes appeared first on Hashed Out by The SSL Store™.