On Wed, Apr 15, 2015 at 6:13 PM, Karl Dubost <kdub...@mozilla.com> wrote:
> Socially, eavesdropping is part of our daily life. We go to a café, we are > having a discussion and people around you may listen what you are saying. > You read a book in the train, a newspaper and people might see what you are > reading. > The HTTP equivalent to those is a "passive MITM"--listening in (but unlike a few strangers around you in the cafe that might hear a few words it's a global surveillance regime storing every word for years). That's problem enough, but using HTTP also allows "active MITM" where the attacker intercepts your words and changes them so that your companion hears something different -- perhaps instead of ordering 2 boxes of Girl Scout cookies you're heard to say 20, and that they should be delivered to the house across the street. Or instead of proposing to your SO you're heard to break up with them because you can't stand their mother (oh hey, is that your ex over in the corner with the computer?). -Dan Veditz _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
