20 Nov
2000
20 Nov
'00
5:08 p.m.
On Sun, 19 Nov 2000 obfuscation@beta.freedom.net wrote:
When the user goes to www.amazon.com, they get a plaintext http redirect to amazon.hackeddomain.com, which does check.
Still confused...
The original connection to www.amazon.com is an SSL connection, right? We are following an https: URL? (Otherwise, SSL would not even come into the picture.)
No, the attacker interferes with the very first connect to www.amazon.com, probably at the DNS level, and that's almost always done plaintext. -Bram Cohen