Man-in-the-Middle
MITM
ELI5 — The Vibe Check
A man-in-the-middle attack is when a hacker secretly sits between you and the website you're talking to, reading and possibly changing everything you send and receive. Like if the mail carrier read, edited, and re-sealed all your letters. HTTPS and certificate pinning prevent this because the certificates prove you're talking to the real site.
Real Talk
A MITM attack intercepts communications between two parties without their knowledge. Attackers can eavesdrop, modify data in transit, or replay messages. Common attack vectors: rogue WiFi hotspots, ARP spoofing, DNS spoofing. TLS with proper certificate validation is the primary defense.
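The defense named above, as an added example (not code from this page): a Python client context that keeps certificate and hostname validation on, an audit helper that flags the settings that would let an interceptor's certificate through, and a pin check on the certificate's SHA-256, which still rejects a certificate that validates under a rogue CA. The function names, the `host` argument and the sample byte strings are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER certificate bytes (not real certificates).
GENUINE_DER = b"constructed-genuine-server-cert"
INTERCEPTOR_DER = b"constructed-cert-chained-to-rogue-ca"
PINS = {hashlib.sha256(GENUINE_DER).hexdigest()}


def strict_context():
    """Client context with the defaults intact: CA chain and hostname are checked."""
    return ssl.create_default_context()


def weak_context():
    """The misconfiguration to look for: validation switched off."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """List the settings that would accept an interceptor's certificate."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("certificate chain is not verified")
    if not ctx.check_hostname:
        problems.append("hostname is not matched against the certificate")
    return problems


def pin_matches(der_cert, pinned_sha256):
    """True if SHA-256 of the DER certificate equals one of the pinned hex digests."""
    digest = hashlib.sha256(der_cert).hexdigest()
    return any(hmac.compare_digest(digest, pin.lower()) for pin in pinned_sha256)


def connect_pinned(host, pinned_sha256, port=443):
    """Validate chain and hostname first, then enforce the pin on the leaf certificate."""
    sock = socket.create_connection((host, port), timeout=10)
    tls = strict_context().wrap_socket(sock, server_hostname=host)
    if not pin_matches(tls.getpeercert(binary_form=True), pinned_sha256):
        tls.close()
        raise ssl.SSLError(f"certificate for {host} does not match any pin")
    return tls
```

Pin a backup certificate as well, since a leaf-certificate pin stops matching when the certificate is renewed.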
When You'll Hear This
"On public WiFi without HTTPS, MITM attacks are trivial." / "Certificate pinning prevents MITM even with a rogue CA."
Related Terms
Certificate
A certificate is a digital ID card for a website, signed by a trusted authority.
Encryption
Encryption is scrambling your message into gibberish so only someone with the secret decoder ring can read it.
HTTPS (HyperText Transfer Protocol Secure)
HTTPS is HTTP but with a bodyguard. All the data flying between your browser and the website is scrambled so nobody can spy on it.
MITM (Man-in-the-Middle)
MITM stands for Man-in-the-Middle. An attacker silently sits between your browser and the server, eavesdropping on everything.
Session Hijacking
Session hijacking is when an attacker steals your session cookie or token and impersonates you.
TLS (Transport Layer Security)
TLS (Transport Layer Security) is the updated, actually-secure version of SSL. It's the technology that puts the padlock in your browser's address bar.