maemo.org - Talk
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   General (https://talk.maemo.org/forumdisplay.php?f=7)
-   -   Linux flaw also affects Android/Sailfish devices (https://talk.maemo.org/showthread.php?t=97267)

juiceme 2016-08-17 07:56
Re: Linux flaw also affects Android/Sailfish devices
 
Quote:
Originally Posted by nieldk (Post 1512737)
Not exactly so, this attack, while not 'easy' still, does enables attacking (downgrading) SSL connections.
It has been possible for some years, by MiTM attacks, the situation now however is it is no longer needed to be on the same network (MiTM), you do however, need to know IP adress of both targets. (Victim and server).
Yes, in theory. And it is a very thin theory indeed.
I have yet to see that attack succeed in real-life situations. It basically can only work against https connections and requires that the server side has fairly outdated configuration.
For ssh, good luck trying! :D

nieldk 2016-08-17 08:04
Re: Linux flaw also affects Android/Sailfish devices
 
Quote:
Originally Posted by juiceme (Post 1512757)
Yes, in theory. And it is a very thin theory indeed.
I have yet to see that attack succeed in real-life situations. It basically can only work against https connections and requires that the server side has fairly outdated configuration.
For ssh, good luck trying! :D
very true indeed. Unfortunately, outdated configurations are quite common, I see them every day doing pentest.
Honestly, I think we will see this being exploited. If not tomorrow, then in a couple of months.


All times are GMT. The time now is 23:44.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8