0

A website that contains sources I need for my work has broken HTTPS (certificate signed for a different domain). This makes me think that a MITM attack could be feasible.

As the sources are office documents, I feel that as even less secure.

How can I safely visualize them?

Is "download and then open in Google Docs" an option? Or is the simple act of downloading already at risk?

Federico
  • 159
  • 8
  • You can safely visualize them in a VM. You can use something such as VirtualBox with an ISO of your choice, download the files to the VM and view them there, then when you are done just delete the Virtual Machine (VM). This will prevent any malicious files harming your actual computer – nd510 Mar 15 '17 at 08:16
  • this assuming they do not detect the VM and do not have an escape method implemented in them, right? – Federico Mar 15 '17 at 08:18
  • A site that has a broken HTTPS does not mean that it is malicious the same as a site which has valid HTTPS can serve malicious content. HTTPS only protects the transport against man in the middle attacks but it is no indicator if the content served is malicious or not. Because the OP seems to have a misunderstanding in this regard I marked it as duplicate of a question where this is explained in more detail. – Steffen Ullrich Mar 15 '17 at 08:24
  • And in case you are more interested in how to look at potentially malicious content see [the many questions about this topic](https://www.google.de/search?q=site%3Asecurity.stackexchange.com+safely+analyze+content) on this site. – Steffen Ullrich Mar 15 '17 at 08:28
  • @SteffenUllrich thanks, I will do. (but to clarify, I fear a MITM that could compromise the files en-route) – Federico Mar 15 '17 at 08:31
  • @Federico: this was not clear for me from the question. You wrote that the *"website ... has broken HTTPS"* and from this wording I understood that you see the problem at the website itself and not at some attacker in between. – Steffen Ullrich Mar 15 '17 at 08:40
  • @SteffenUllrich sorry for my poor wording, it could be due to my poor understanding of the matter. I can rephrase it saying that the broken HTTPS makes me think that MITM is possible. if this is wrong you can address this or eventually redirect me to a different duplicate? – Federico Mar 15 '17 at 08:43
  • @Federico: see the link in my other comment which returns a google search with lots of questions on this site which deal with looking at potentially compromised/malicious data/web sites. – Steffen Ullrich Mar 15 '17 at 08:53

0 Answers0