RECOMMENDED: Click here to fix Windows errors and optimize system performance
HTTP stands for Hyper Text Transfer Protocol and is widely used on the Internet. In the early years of the Internet, it was acceptable for this protocol to request credentials, etc. because there was not much danger that people would sniff your data packets to steal your credentials for various websites. When people realized the danger, HTTPS (HTTP Secure) was invented, which encrypts the data exchange between you (the client) and the website with which you interact.
Read : Difference between HTTP and HTTPS.
Until a few years ago, HTTPS was considered infallible until a person named Moxie proved it by usurping HTTPS. This was done by intercepting data packets in the middle of the communication by someone who forged the HTTPS security key to make you believe that the connection is still encrypted. This article examines the usurpation HTTPS, where even reputable companies have used technology to observe you and your activities. Before you understand Man in the Middle attack, you need to know something about the HTTPS certificate key that is false, in order to believe that everything is fine.
What is the HTTPS website certificate key
Some certification authorities offer certificates of fitness for websites. Many factors determine the fitness factor: encrypted connection, virus-free downloads and much more. HTTPS means your data is secure during transactions. HTTPS is mainly used by online shops and websites that have data/information that is private to you – such as e-mail sites. Social networks such as Facebook and Twitter also use HTTPS.
With each certificate, there is a key that is unique to this website. You can view a Web site’s certificate key by right-clicking on its Web page and selecting PAGE INFO. Depending on the browser, you will see different types of dialog boxes. Look for CERTIFICATE then THUMBPRINT or FINGERPRINT. This will be the unique key to the website certificate.
HTTPS security and spoofing
To return to your security level with HTTPS, the certificate key can be falsified by third parties among clients and websites. This technique of reflecting on your conversations is called the human in the middle.
How to send your browser to HTTPS: Click LOGIN or enter the URL. In the first case, you will be directed to the HTTPS page. In the second case, if you enter the URL, the DNS is resolved to a page that redirects you to the HTTPS page using Auto-Redirect.
The middle man has certain methods for intercepting your first site access request, even if you have entered HTTPS. The middle man could be your navigator himself. Opera Mini and BlackBerry browsers intercept and decode communications early so they can be compressed for faster navigation. This technique is – in my opinion – wrong because it facilitates interception, but then companies say that nothing is registered.
When you enter a URL, click on a link or a bookmark, ask your browser to connect (preferably) to the secure version of the site. The middle man creates a false certificate that is difficult to identify as defective because the certificates on the website have the same format, regardless of the certification authority. The middle man successfully forges a certificate and creates a THUMBPRINT that is checked against the certification authorities your browser already trusts. This means that it appears that the certificate was issued by a company added to your browser’s list of trusted certification authorities. This allows him to believe that the certificate key is valid and provides Man in the Middle with encryption data. So the middle man now has the key to decrypt the information you send over that connection. Note that Man in the Middle also works on the other side by sending your information to the website – honestly, but so they can read it.
This explains the HTTPS spoofing of the site and its operation. It also indicates that HTTPS is not completely secure. There are a few tools that would let us know that there is a man in the middle, unless you are a well-trained computer expert. For ordinary people, the RCMP website provides a way to get THUMBPRINT. You can check the THUMBPRINT certificate at GRC and compare it with a certificate you have retrieved via PAGE INFO. If they match, it’s okay. Otherwise, there’s a man in the middle.