top | item 36741243

(no title)

uw_rob | 2 years ago

I think there is some confusion here. HTTPS is secure. Even with MITM attacks.

This is because the MITM will not have a valid certificate to provide authenticity for the public key returned.

The reason why middle boxes in corp networks can MITM is because the the corp owns the device and has installed their own domain trust to the device. This means the MITM can return a cert and public key that your device will trust. This is because the cert returned will be signed by the installed domain trust.

Another way to think about why HTTPS is secure over radio: HTTPS is at the highest level of the OSI networking model. You could do HTTPS with pen and paper and the mail if you wanted. Think about starlink! The internet today is literally going over radio waves.

This is likely why there isn't progress on encrypting old fashion radios! There is no need to encrypt old fashioned radios -- you'll just use internet over radio instead if you wanted encryption.

You bring a good point through. Since it's radio, anyone can jam your transmissions, but, they won't be able to spoof your intended friend if you are using https via radio.

discuss

withinboredom|2 years ago

HTTPS is only as secure as the CA that signs the certificate. My point is, at some point you have to bootstrap the trust. That is the single most vulnerable point (and why becoming a trusted CA is quite complex and easy to lose if you mess it up)! Without the CA, HTTPS is insecure (try self-signed certs and you'll see your browser agree with me). If you try and bootstrap a CA over the radio, it is vulnerable to MITM attacks.

There is absolutely nothing inherently secure about HTTPS without a secure CA.

quonn|2 years ago

Even after adjusting this statement three times it‘s still wrong. Certificate transparency has severely limited what CAs can do without being found out.