Can they listen to https traffic?

S

Sergey2015-04-17 00:22:30

Information Security

Sergey, 2015-04-17 00:22:30

If https traffic is intercepted, then in theory is it possible to decrypt it and receive data, passwords, message texts? Well, let's say someone sits and sniffs free wifi in a cafe. https would be insurmountable for him, right?
And if, for example, a spiderman in uniform is listening to traffic, but somewhere at the provider already, then in this case, how?
The question is of interest only from an academic point of view, I want to understand how much we are all under the hood.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

ComodoHacker, 2015-04-17
@butteff

Possible MITM attack on HTTPS with the substitution of the server certificate. The browser should issue a warning that the certificate does not match the domain (but it may be valid). If the user ignores this warning, the transmitted data will be intercepted.

M

mace-ftl, 2015-04-17
@mace-ftl

It would be strange if you were allowed to transmit data without any control. What if you're a terrorist?
file.php?id=165&sid=86e816a824484b2060f0