maemo.org - Talk - View Single Post - Linux flaw also affects Android/Sailfish devices

nieldk	2016-08-16 , 17:57
Posts: 1,290 \| Thanked: 4,319 times \| Joined on Oct 2014	#7

Originally Posted by juiceme

No a very serious flaw.

TCP connection hijacking can only ever be used against unencrypted connections so for example ssl/ssh connections are safe provided you don't override certificates

Not exactly so, this attack, while not 'easy' still, does enables attacking (downgrading) SSL connections.
It has been possible for some years, by MiTM attacks, the situation now however is it is no longer needed to be on the same network (MiTM), you do however, need to know IP adress of both targets. (Victim and server).

__________________
You can still support my work by donation - click here

Quote & Reply |

The Following 7 Users Say Thank You to nieldk For This Useful Post:
juiceme, lal, peterleinchen, pichlo, santeira, Slate