Quote:
Originally Posted by Jimmy Stang
Honest question: If I were to connect to one of your honeypots with my iPhone, realistically how much information could you get from my traffic? I certainly wouldn't be doing any banking or anything like that, and assuming that all connections to email servers, Facebook, etc. were done with an SSL connection, could you find anything of importance? Or would you be limited to unencrypted passwords, logins, etc.?
Obviously it isn't a recommended practice to do anything over an untrusted connection, but in a practical sense, what info could you find?
|
I don't run honeypots
But...
If I did, and you're asking about SSL, you're not my target audience. There are so many users that don't know anything about SSL, secure POP3 or IMAP, cookies, session hijacking, SSL man in the middle attacks, etc, and that are still using one password for all their logins, that you are the least of my worries or productive use of my time.