Ask / Submit

Revision history [back]

click to hide/show revision 1
initial version

posted 2016-08-19 15:39:42 +0300

I don't know how to express this better:
Regular unencrypted TCP-Traffic is generally vulernable to a Man-In-The-Middle-Attack as described here, for this reason, encrypted TCP-Traffic is used. So this is not a new security vulnerability, but implementing RFC5961 fully and correctly (as GNU/Linux sadly does) allows for doing a Man-In-The-Middle-Attack in less time.

So RFC5961 makes unencrypted TCP-Traffic needlessly more vulnerable.

I don't know how to express this better:
Regular unencrypted TCP-Traffic is generally vulernable to a Man-In-The-Middle-Attack as described here, for this reason, encrypted TCP-Traffic is used. So this is not a new security vulnerability, but implementing RFC5961 fully and correctly (as GNU/Linux sadly does) allows for doing a Man-In-The-Middle-Attack in less time.

So RFC5961 makes unencrypted TCP-Traffic needlessly more vulnerable.vulnerable. Don't panic.

I don't know how to express this better:
Regular unencrypted TCP-Traffic is generally vulernable to a Man-In-The-Middle-Attack the attack as described here, for this reason, encrypted TCP-Traffic is used. So this is not a new security vulnerability, but implementing RFC5961 fully and correctly (as GNU/Linux sadly does) allows for doing a Man-In-The-Middle-Attack an attack in less time.

So RFC5961 makes unencrypted TCP-Traffic needlessly more vulnerable. Don't panic.panic.
// edit it's even not by itself a man-in-the-middle-attack

I don't know how to express this better:
Regular unencrypted TCP-Traffic is generally vulernable to the attack as described here, for this reason, encrypted TCP-Traffic is used. So this is not a new security vulnerability, but implementing RFC5961 fully and correctly (as GNU/Linux sadly does) allows for doing an attack in less time.

So RFC5961 makes unencrypted TCP-Traffic needlessly more vulnerable. Don't panic.
// edit edit: it's even not by itself a man-in-the-middle-attack