The danger of man in the middle attacks and the green padlock in your browser

in #hacker3 years ago

Most websites show this symbol in your taskbar when you open them, this means you are on a secure connection and as safe as possible from man in the middle attacks.

But what are Man in the Middle attacks?

A man in the middle attack is when someone get between you and your router or the server your connected with and reads all the data the server sends you before it reaches your PC. This would mean that the man in the middle(the person that reads the info between you and the server) can get any information you and the server exchange from google searches to bank details.

How to prevent them

Over time we came up with many ideas to prevent these attacks, all of them based on so called Keys(a collection of numbers that encrypt what we send and that can only be decrypted on the other end).

The first atempt at using such keys was to make the server send it's key to user when he first want's to interact with it, so that anyone that tries to enter the connection later can't read the message later without the Key to decrypt it. The problem with that houg, is that if the man in the middle allready is reading the transfered information from the beginning on, he can just decrypt it before the user does and send him another key that the user things is the reals one and just uses to encrypt his data. So the man in the middle just has to decrypt with 2 keys and has all the information.

So we came up with another idea(the one that's in use now) having companies(that we have to trust) that create keys for companies and verify them. On the other end are our browsers that have a list of the trusted companies installed to prevent presons in the middle to send wrong keys(this would pop upan alert box) so the companies give keys to the web hosts that need them and if any wrong key gets to the user he'll get informed.

How to find out if a Website uses keys

As mentioned, not all websites use these keys, but most of them do. The easiest way to find out is to take a look at your taskbar if there's a green padlock on the left, the side is secured if it's an  exclamation mark you should be careful. Steemit for example has this green padlockso don't worry.

Conclusion

It's not totaly possible to protect you from man in the middle attacks, as people could still for example put themselves in your list of trusted sources and stuff like this. But we found a pretty good solucion for this point of time and the only thing you should do is to check wether the sides you use are secure.