The case of the fraudulent SSL certificates
Posted Mar 24, 2011 17:53 UTC (Thu) by giraffedata
Parent article: The case of the fraudulent SSL certificates
How does a fraudulent certificate allow a man in the middle attack? Say I connect to a bad guy's wireless access point in an airport, then browse Paypal. How does the bad guy sniff my Paypal password?
I can see how the bad guy could connect me to his impostor Paypal site, but that's not man-in-the-middle.
to post comments)