Man in the Middle
What is a man in the middle attack? You may have heard this before, and you'll hear it plenty more as it is the easiest and most common network attack.
The general idea is that if Computer A tries to communicate with Computer C, but their conversation transits over Computer B, B is able to read and even alter the messages being sent. This can allow Computer B to impersonate both people to each other and have them each receive a totally incorrect message while never knowing that they are being listened in on. This was not a huge problem back in the '70s on ARPANET, but now, when there are dozens of hops between your computer and whatever website you visit, any of those could be intercepting your traffic (and mostly likely multiple are).
Once again, the academy's piece on this is pretty damn good. Of course, we'll be going into this deeper later and you will do it yourself, but it's a good speed intro.
- Of CIA, what were the pillars that can be attacked if an adversary is able to do a man in the middle?
- In the Computer A,B and C scenario, what are the human names which match up to them?
- This one requires a google, but who is Mallory, and what makes her different from Eve?
- How does your browser protect you from MITM attacks? This will require a google.
How to Be Safe
- Use a VPN/proxy/tor
- Basic wifi safety
- Use a VPN!
- Open WiFi vs. secure WiFi
Tasks: * Make a Keybase Account * Send a PGP email using Keybase. Realize that was a lot of work for the easiest way to use PGP. * Download Signal on your Phone. * Ensure HTTPS Everywhere is installed