On Mon, Oct 3, 2011 at 4:27 AM, William Allen Simpson < william.allen.simp...@gmail.com> wrote:
> On 10/2/11 12:36 PM, Jimmy Hess wrote: > >> On Sun, Oct 2, 2011 at 10:38 AM, Michael Thomas<m...@mtcc.com> wrote: >> >>> I'm not sure why lack of TLS is considered to be problem with Facebook. >>> The man in the middle is the other side of the connection, tls or >>> otherwise. >>> >> >> That's where the X509 certificate comes in. A man in the middle >> would not have the proper private key to impersonate the Facebook >> server that the certificate was issued to. >> >> My understanding of his statement is that Facebook itself is the MITM, > collecting all our personal information. Too true. > > I assume that any MITM is actually going to try and prevent our data from making it to the end point i.e the real attacker. -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik <at> ansto dot gov dot au<jason.lesch...@ansto.gov.au> [U@] jml...@uow.edu.au
