[RndTbl] MitM on IMAPS?
Trevor Cordes
trevor at tecnopolis.ca
Sat Jan 18 03:37:26 CST 2014
I'm just wondering if it is possible for someone to MitM me in the
following scenario and intercept plaintext traffic:

    dovecot imaps server with real thawte "quick" cert
                      |
                 imaps (ssl)
                      |
                 public wifi
                      |
    android phone using imaps using "ssl" not "ssl (any cert)" option

For instance, can a malicious hotspot use some sort of interception
technique / spoofing and some sort of wildcard cert to trick my phone into
negotiating SSL with it, which then does its own SSL to my dovecot server,
thus MitM'ing me without me even knowing? I know in a web browser I'd
normally be protected against that by looking at the URL in the address
bar, or the green EV-cert graphics (or am I wrong in even that
assumption)?
How paranoid do I have to be? And is there any way to beat any
shortcoming on Android, perhaps with a client cert or a way to tie the
account to a single manually-specified server SSL cert?
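
The idea raised in the last paragraph, tying the account to one manually specified server certificate, sketched as an added example that is not part of the original post and not code from any mail client. It assumes the pin is the SHA-256 fingerprint of the server's DER-encoded leaf certificate; the function names are hypothetical and the two "certificates" are constructed byte strings so the comparison runs offline.

```python
import hashlib
import hmac
import socket
import ssl

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded leaf certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def normalize_pin(pin: str) -> str:
    """Accept 'AB:CD:...', 'ab cd ...' or plain hex as a user would type it."""
    cleaned = pin.replace(":", "").replace(" ", "").lower()
    if len(cleaned) != 64 or any(c not in "0123456789abcdef" for c in cleaned):
        raise ValueError("pin must be a SHA-256 fingerprint (64 hex digits)")
    return cleaned

def pin_matches(der_cert: bytes, pin: str) -> bool:
    """Constant-time comparison of the presented certificate against the pin."""
    return hmac.compare_digest(fingerprint(der_cert), normalize_pin(pin))

def open_pinned_imaps(host: str, pin: str, port: int = 993, timeout: float = 10.0):
    """Connect to IMAPS requiring CA + hostname validation AND the pinned cert."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if not pin_matches(der, pin):
        # A certificate from a trusted CA for the same name still fails here.
        tls.close()
        raise ssl.SSLError("certificate validated but does not match the pin")
    return tls

# Constructed stand-ins for DER bytes (not real certificates).
SERVER_CERT = b"constructed-der-bytes: the real dovecot server certificate"
OTHER_CERT = b"constructed-der-bytes: a different certificate for the same name"
PINNED = fingerprint(SERVER_CERT)  # recorded once over a trusted network

if __name__ == "__main__":
    print("expected cert accepted:", pin_matches(SERVER_CERT, PINNED))
    print("substituted cert accepted:", pin_matches(OTHER_CERT, PINNED))
```

The pin has to be re-recorded whenever the server certificate is renewed, otherwise the client will refuse the legitimate server.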