Hacker News new | past | comments | ask | show | jobs | submit login

Not so. The NSA smiley [1] showed that the smartest of attackers (or maybe the chinese are, but that's besides the point) are still (or were still, as of ~5 years ago) relying on passive MITM. It's far easier to exploit a passive vulnerability for a long time - Active exploits leave traces, give clues as to who you are. Passive exploits often leave the user without any idea that they are being snooped.

[1] https://www.google.com/search?q=nsa+smiley&es_sm=122&tbm=isc...




... because if a passive attack works and is easier to launch, why bother with an active attack?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: