On Tue, Sep 09, 2003 at 09:00:28PM +0200, Joerg Rossdeutscher wrote: > Am So, 2003-09-07 um 23.44 schrieb Colin Watson: > > On Sun, Sep 07, 2003 at 09:46:02PM +0200, Joerg Rossdeutscher wrote: > > > Am So, 2003-09-07 um 21.11 schrieb Mario Vukelic: > > > > You probably don't even get security fixes fo NS 4 anymore! > > > > > > Uninteresting, since one would use NS4 only with the bank's site. They > > > don't need to hack me. They own everything I have... :-) > > > > Whoa, sure it's interesting. Consider a man-in-the-middle SSL attack: > > now somebody else owns everything you have. > > So nothing changes, I still don't own anything. :-) > > I always thought with a SSL-connection the man in the middle just gets > useless "binary trash"? Am I wrong?
A "man-in-the-middle attack" *means* that the man in the middle exploits a flaw in the system - such as a buggy browser - to get more than that. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
