1

I am frequently using public WiFi, or in Hotels etc.
When checking e-mails, I always look in the browser to see if the traffic goes through a https:// website.

Is it possible that the router my traffic goes through is manipulated? E.g. if it uses its own server but says it is gmail? Then it would be possible to retrieve the passwords and data I sent to their server (even if the browser says it is gmail)? Sorry if it is kind of a naive question.

Alex
  • 19
  • 1
  • 1
    All kinds of things can happen when you use (public/any) internet connections, but using only HTTPS is a giant step in the right direction. Keep in mind that the website identifies itself correctly (click/hover over the lockpad icon) and never log in on websites that do not use HTTPS since your traffic will be totally unencrypted. (disclaimer: this will not guarantee safety though) – Jochem Kuijpers May 22 '14 at 18:08
  • They can certainly packet sniff anything on the network they control (router, proxy, etc). However, as noted, https uses encryption which provides a little more protection. It also makes use of endpoint authentication to help prevent man in the middle attacks. – MaQleod May 22 '14 at 18:25
  • 1
    Even if you connect to a secure connection your data can be manipulated any number of ways. – Ramhound May 22 '14 at 18:31

1 Answers1

1

Yes, it is possible, known as a man in the middle attack. You can use a VPN connection to a trusted location before you surf to be safer.

brianeme
  • 19
  • 1