![]() ![]() ![]() If your traffic to and from the site in question is protected with TLS (or SSL) then your browser will display in the address bar and some information regarding the certificate of the site. Whilst a lot of websites quite proudly display security messages and pictures of padlocks asserting their security, there is only one single piece of reliable information regarding TLS and that's in your address bar. Unfortunately a lot of the responsibility ultimately resides with the user to determine if the site is secure and whether or not you should continue using it. TLS is what prevents anyone from accessing your traffic as it travels from your computer to the website you're visiting, and back again, by encrypting it. In a few recent blogs covering Code Injection, Session Hijacking and Advanced Session Hijacking, it has hopefully become clear why Transport Layer Security (TLS / SSL) is important. Even if a site enforces HTTPS you can still find yourself browsing an insecure version of the site. Using Karma coupled with SSLstrip the WiFi Pineapple can easily give you access to traffic that would normally have been encrypted.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |