If so, what is it called when someone alters or interjects into un-encrypted com

Question

If so, what is it called when someone alters or interjects into un-encrypted communications? Is that email spoofing? How is it resolved?

End users probably are more concerned with the fast resolution of the current disruption to their work than with the technical prevention.

How would an account holder even know to speak with a security person since the recipient of a negative injected message is unlikely to respond or be open to printing copies for comparison with sent messages.

(Joe says "I love cats". The recipient receives the message "I hate cats", becomes angry and doesn't respond. Joe then says "Do you want me to babysit your kitten?". Recipient responds with "Piss Off". Joe says "You piss off!!!!!") The MitM is buried in the middle of several other authentic messages.

How would you know?

Explanation / Answer

Short answer - no, man-in-the-middle attacks are not necessarily confined to encrypted communications.

Also, in many cases MITM on encrypted connections is aimed at actively intercepting/eavesdropping on messages, rather than injection. One example are some Intrusion Prevention Systems (IPS) (e.g. PaloAlto do it for SSH) that need to perform MITM in order to inspect traffic content, which otherwise would pass through the IPS w/o being fully examined.

On your second question of verifying the authenticity of a message, one does not have to exchange messages over an encrypted medium, but can use methods such as digitally signing messages (for example, using PKI) - the message can be sent in plain text, and the attached message fingerprint (cryptographic signature) can prove its authenticity.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.