Has anyone empirically analyzed the actual threat from using public WiFi? That is: (1) how much useful (unencrypted) data is still available to a rogue AP, (2) how well these attacks could be executed by remote attackers?
-
-
How many apps are on your phone? How confident are you that EVERY app, aside from your web browser I suppose, uses HTTPS properly? Or uses HTTPS at all (as opposed to HTTP).
-
This is the real problem. From a browser MitM point of view, HSTS is the real killer, and any attack will have to also redirect to a different realistic DNS name. Captured portal "login please", might not have HSTS...
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.