Hijacking: Difference between revisions
mNo edit summary |
|||
| Line 9: | Line 9: | ||
A man in the middle attack cannot be detected on the Internet, but it can be avoided by using cryptography. If one component is clear text and you as the end user relies on that you can be maliciously hijacked and all your websites may still look like websites but behind them is something else, something that's dangerous. | A man in the middle attack cannot be detected on the Internet, but it can be avoided by using cryptography. If one component is clear text and you as the end user relies on that you can be maliciously hijacked and all your websites may still look like websites but behind them is something else, something that's dangerous. | ||
See any cryptography book to show how authentication systems work. | See any cryptography book to show how authentication systems work. There is a small club in the world that understand cryptography and if current algorithms are broken, they are the ones to | ||
find out first. If they don't a broken cipher may live on in secrecy to your detriment if used | |||
against you. | |||
Latest revision as of 05:51, 21 July 2008
Hijacking in the Internet World means that someone has taken over your open sessions and continues them without your approval. Often the person must be a man in middle. Also see Juped IRC term.
Necessary paranoia
A man in the middle attack cannot be detected on the Internet, but it can be avoided by using cryptography. If one component is clear text and you as the end user relies on that you can be maliciously hijacked and all your websites may still look like websites but behind them is something else, something that's dangerous.
See any cryptography book to show how authentication systems work. There is a small club in the world that understand cryptography and if current algorithms are broken, they are the ones to find out first. If they don't a broken cipher may live on in secrecy to your detriment if used against you.
