Hacker Newsnew | past | comments | ask | show | jobs | submit | dTP90pN's commentslogin

Depends on your health insurance. My previous insurance company paid back the full cost when I was 30 years old. I can recommend checking https://www.entschiedengegenkrebs.de/vorbeugen/kostenerstatt... (and then also confirming that with the insurance company over text, just to be safe)


What happened to the good old tin can telephone down the side of the house to the washing room?


There's no "relaying" when the the attacker just captures unencrypted WiFi packets from the air, or more traditionally, splits some light out of the fiber line.


I hate to agree but they are right. Endpoint-spoofing and relaying between two spoofed endpoinbts is just one of the possible forms of mitm attack that just happens to be required if you happen need to open and re-pack encryption in order to evesdrop, or if you need to modify the data.

Spoofing the two endpoints to decrypt and re-encrypt, just so that you can evesdrop without modifying the data (other than the encryption) is certainly still "mitm". Yet all the man in the middle did was evesdrop. Becoming two endpoints in the middle was only an implimentetion detail required because of the encryption.

If you are admin of one of the mail servers along the way between sender and recipient and and can read all the plain smtp messages that pass through your hands like postcards without having to decrypt or spoof endpoints, that is still mitm.

So listening to wifi is no less. There is nothing substantive that makes it any different.

For endpoint-spoofing to be required for mitm, you would have to say that mitm only applies to modifying the data, which I don't think is so. Several purely evesdropping applications are still called mitm.


> for example, an attacker within range of an Wi-Fi access point hosting a network without encryption

The monkey in the middle doesn't get to "relay" anything either, but he can sure see it going over his head.


The German Wikipedia has a list of such DDIs in various countries (primarily France since they apparently invented them in the 1970s):

https://de.m.wikipedia.org/wiki/Anschlussstelle_(Autobahn)#D...


The real solution is obviously to use geolocation to find the closest country which officially uses the individual language(s).


A small number of people with likely professional involvement in the Fedora project and possibly RHEL.

A supply chain attack serve as the basis for another supply chain attack.


If Xen uses these addresses "on boot", why has booting Xen worked the past 11 years then?


You can "wipe"/"drag" upwards to exit the A/C overlay (just like, for example, android quick settings/notifications).

Of course, you have to do this the "correct way", which in and of itself requires a bit of experimentation to learn.


Mozilla implemented a fork server to fix this issue. It is enabled in the new deb packages, but not yet in "normal" Firefox:

https://bugzilla.mozilla.org/show_bug.cgi?id=1609882

https://bugzilla.mozilla.org/show_bug.cgi?id=1850026


Why would Firefox have to "rollback" their UA string back to version 64, released 6 years ago (2018)? That seems utterly ridiculous for a server side UA sniffing bug rolled out by the Google Search Team.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: