Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'debug /lax certificates at each launch' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
debug /lax certificates at each launch
Authored by: maged on Jan 24, '03 03:05:57PM
NOT a good idea. Wow, the amount of *REALLY* insecure advice/comments people make on these boards is scary.

MITM attack (Monkey in the Middle). Is used to hijack SSL sessions. Someone basically makes their own fake cert and acts as a proxy between you and the "secure" server you think you are talking to. Your browser tells you that you are connecting via SSL. Meanwhile, the MITM is seeing everything that goes by in the clear.

Enabling lax cert checks, and you won't even notice what is happening... especially since the checks are lax for *all* https sessions.

[ Reply to This | # ]
debug /lax certificates at each launch
Authored by: stewby on Jan 25, '03 12:33:21AM

Clearly you wouldn't want to leave it on all the time; I never suggested you should. But for those who want to use Safari until Apple improves certificate handling, it's nice to know how to temporarily lower security levels enough to actually reach a site you want to get to.



[ Reply to This | # ]