Comment by lxgr
3 years ago
It absolutely serves this purpose in a world in which there unfortunately is no TOFU/unauthenticated encryption for TLS (i.e. ours).
Thanks to widely available HTTPS certificates, "evil hackers stealing your cookies on public Wi-Fi" is not a thing anymore.
We should definitely have a discussion about whether it's made active attacks more feasible, but I think the goal of making passive sniffing less trivial than it was before can be considered achieved.
No comments yet
Contribute on Hacker News ↗