I have friends andfamily that travel/live in foreign countries and compromised u

Question

I have friends andfamily that travel/live in foreign countries and compromised unsecure wireless networks and credit card scanners have always been a problem. I was recently asked a question about logging into personal bank accounts and other secure websites from these insecure locations.

I was under the impression that if you are using your own machine and connecting to a site that utilizes HTTPS from the moment you hit (compared to some that just use it on payment or login pages) that you were safe from most "reasonable" threats associated with a compromised wireless network. Am I wrong?

Explanation / Answer

First of all, you need to disable SSLv3 on your browser, to prevent POODLE attack (SSL3 "POODLE" Vulnerability)

Then, there's no issue using HTTPS even in "not safe" areas, because TLS protect you from Man In The Middle attack, with handshake, end-to-end encryption and Certificate Chain verfication.

One common problem you could encounter, is SSL stripping: the proxy you are connected to can force you to communicate with HTTP only, giving it everything in clear text and then simulate an HTTPS connection with your targeted site. HSTS may prevent such downgrade attack, but it's not widespread actually and presents some limitations with initial requests.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.