This repository has been archived by the owner on Nov 21, 2019. It is now read-only.
Man in the Middle Attacks possible! Proof is attached #804
Comments
Zwilla
changed the title
|
I'm unsure you understand the function and communication layers of Google Translate. MEW has a (EV) ssl cert also, so if the certificate is invalid, it will prevent communication. |
Sorry 409h, but I think you did not fully understand this. |
What do you mean? I think this is a non-issue to be honest. Who runs MyEtherWallet via proxy/Google Translate when;
I feel your argument is just against using MyEtherWallet over Google Translate, which is limited and probably not happening by anyone, so a non-issue. Can you expand, please. |
|
Closing this issue. Don't hesitate to reopen if needed. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Dear Team,
as you know I worked since one month on a high security fork of MEW, called MTW.
All my research you can find here: https://github.com/Zwilla/mytokenwallet.com/blob/master/New_Features_on_MyTokenWallet.md
see No. 10 Man-in-The-Middle-Attack possible - proof!
New release is in online: https://myTokenWallet.com
Proof! Test it by your self! MITM-Attack
Dear Team,
If you want to learn about how to protect read this:
https://en.wikipedia.org/wiki/Man-in-the-middle_attack#Defense_and_detection
p.s. Your current code is also not resistant against MITB Attacks- PDF of Sans.org! USERS - Stop using Safari browser <= Version 10.1.2 (12603.3.8), yes it is the current version. Only on the Safari Technology Preview the bug is fixed!
Today I will make a video to proof that Safari is an infected and buggy browser <= Version 10.1.2 (12603.3.8)
The text was updated successfully, but these errors were encountered: