WingNews logo WingNews
top | item 47168315

(no title)

this-is-why | 4 days ago

Even if they can rewrite the MAC and force a new one via ping, which are usually already disabled, they still can’t eavesdrop on the TLS key exchange. I fail to see how this is a risk to HTTPS traffic? It’s a mitm sure but it is watching encrypted traffic.

discuss

order

amiljkovic|4 days ago

The Ars article mentions: “Even when HTTPS is in place, an attacker can still intercept domain look-up traffic and use DNS cache poisoning to corrupt tables stored by the target’s operating system.” Not sure, but I think this could then be further used for phishing.

jcalvinowens|3 days ago

DNSSEC prevents that if set up properly.