Man-in-the-middle

Posted on March 30, 2016 by Code Curmudgeon

Man-in-the-middle (MITM) attacks are where a person or software sits in the middle of communication between two parties. For example between your computer and your bank. Web MITM attacks are often performed by self-signed root certificates where someone like a hotel or computer manufacturers certifies the identity of both parties without actually having the authority. Often this is done for advertising purposes to either monitor behavior or inject ads into a data stream. It also exposes any of the data that is supposedly securely encrypted, like your bank credentials.

Definitioner

Man-in-the-middle: Man-in-the-middle (MITM) attacks are where a person or software sits in the middle of communication between two parties. For example between your computer and your bank. Web MITM attacks are often performed by self-signed root certificates where someone like a hotel or computer manufacturers certifies the identity of both parties without actually having the authority. Often this is done for advertising purposes to either monitor behavior or inject ads into a data stream. It also exposes any of the data that is supposedly securely encrypted, like your bank credentials.
MITM (Man-in-the-middle): Man-in-the-middle (MITM) attacks are where a person or software sits in the middle of communication between two parties. For example between your computer and your bank. Web MITM attacks are often performed by self-signed root certificates where someone like a hotel or computer manufacturers certifies the identity of both parties without actually having the authority. Often this is done for advertising purposes to either monitor behavior or inject ads into a data stream. It also exposes any of the data that is supposedly securely encrypted, like your bank credentials.