Curated list of episodes, bundled to help you on your learning path!
Videos of tech, infrastructure, hardware and software which non-instructional by nature.
Articles around software and tutorials.
Show your love and support while looking fancy.
You mentioned man-in-the-middle attacks as an example of how client-side encryption can protect a users data.
Doesn't SSL already protect against this kind of attack?Namely, I thought SSL guaranteed the authenticity of whoever you are communicating with. Is this not the case?
SSL Doesn't really protect against a MitMA. In hindsight, this method really doesn't either. However, this method does provide some level of obscurity to your password which is good, but in no means does it replace the need for SSL certs.
A VPN tunnel or something similar would be a much safer bet. I really should have made the episode more around the ability to have a secure communicate between two users or something. Yes, a trusted Certificate Authority does issue SSL certificates to someone when they can verify a level of ownership to a domain.