Miscellaneous 2 min. read

Faked Digital Certificates Add Risks to Private Browsing on WiFi

Imagine this scenario: You are seated in the corner of a coffee shop privately browsing on their public WiFi network, espresso in one hand and iPad in the other, safely away from any snoopers. A man wearing a black apron stops by, tells you how much you owe, and you pay him.

But, you just handed your money to an imposter.

This is similar to the cybercrime scenario known as a “man in the middle” attack or, alternatively, as a “bucket brigade.”  Thanks to a faked certificate – functioning like the imposter’s black apron – the hacker is able to get you to pass your private details to them without your even realizing it. Oops.

Man in the middle attacks (MITM) are a quantum leap beyond the typical WiFi sniffing assault. With sniffing, the hacker is a passive participant, just intercepting and reading unencrypted data packets. MITM attacks allow the hacker to both listen and actively influence the intercepted messages. That’s the difference between someone knowing that you ordered an espresso and someone able to alter your order to a double cappuccino and have it sent to someone else’s table with you footing the bill. In other words, it’s a far more serious issue.

Getting back to the black apron metaphor, a digital certificate functions like a uniform emblazoned with the coffee shop’s logo.  It is supposed to tell you that the person wearing it can be trusted with your money. On the internet, a digital certificate includes details such as the issuer, subject, serial number, and a date to show that the associated public key has been issued by one of the many certification authorities. It is meant to say, “Trust me. Let this transaction continue.”

MITM attacks are relatively rare, especially when compared to the more common sniffing attacks. It is much more work for hackers to subvert the certification system. But, it does happen. And, it is not just individual cybercriminals that perpetrate this. Nokia was recently outed for its MITM-style unencrypting of HTTPS traffic. Some governments are also interested in getting in the middle of their citizen’s online conversations.

To protect yourself from sniffers or MITM attackers, you have two basic options. For starters, you can use the more secure HTTPS protocol to mask your internet activities. For more complete coverage, use a VPN. By connecting to the internet via a VPN, you are creating a protected tunnel that makes all of your browsing private – no man in the middle eavesdropping on your conversation or swiping your sensitive information.

Lyle Frink on

Get the latest stories and tips from Hotspot Shield in your inbox