Reply to post:

Hacked in a public space? Thanks, HTTPS

Ian Thomas

The attack you describe causes the user's browser to connect over HTTP, so if you're checking for HTTPS at the appropriate times then you won't be vulnerable. You're not saying HTTPS is broken, you're saying there are ways you can trick users to not use HTTPS.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019