open secure socket... using certificate
Richard Gaskin
ambassador at fourthworld.com
Mon Feb 1 16:01:20 EST 2021
Tom Glod wrote:
> On Fri, Jan 29, 2021 at 1:09 AM Richard Gaskin wrote:
>> The main benefit of encrypted sockets is to mitigate man-in-the-
>> middle attacks.
>>
>> If you have a man in the middle of processes on a local computer that
>> isn't you, it would seem you have bigger concerns. ;)
...
> Hi Richard...the man in the middle attack is exactly the thing I was
> thinking of.
It seems I didn't write clearly.
With localHost the man in the middle is you, or someone else with
physical access to your computer (which is more or less the same thing).
Given the old adage that physical access = root, I'm unable to think of
a scenario in which encrypting localhost sockets is beneficial. Am I
overlooking something? I'm no CISSP, so I may well be.
--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
____________________________________________________________________
Ambassador at FourthWorld.com http://www.FourthWorld.com
More information about the use-livecode
mailing list