Manipulated Router

1

I am frequently using public WiFi, or in Hotels etc.
When checking e-mails, I always look in the browser to see if the traffic goes through a https:// website.

Is it possible that the router my traffic goes through is manipulated? E.g. if it uses its own server but says it is gmail? Then it would be possible to retrieve the passwords and data I sent to their server (even if the browser says it is gmail)? Sorry if it is kind of a naive question.

Alex

Posted 2014-05-22T18:00:39.573

Reputation: 19

Question was closed 2014-05-23T12:18:08.850

1All kinds of things can happen when you use (public/any) internet connections, but using only HTTPS is a giant step in the right direction. Keep in mind that the website identifies itself correctly (click/hover over the lockpad icon) and never log in on websites that do not use HTTPS since your traffic will be totally unencrypted. (disclaimer: this will not guarantee safety though) – Jochem Kuijpers – 2014-05-22T18:08:17.770

They can certainly packet sniff anything on the network they control (router, proxy, etc). However, as noted, https uses encryption which provides a little more protection. It also makes use of endpoint authentication to help prevent man in the middle attacks. – MaQleod – 2014-05-22T18:25:44.713

1Even if you connect to a secure connection your data can be manipulated any number of ways. – Ramhound – 2014-05-22T18:31:42.813

Answers

1

Yes, it is possible, known as a man in the middle attack. You can use a VPN connection to a trusted location before you surf to be safer.

brianeme

Posted 2014-05-22T18:00:39.573

Reputation: 19

Asked: 2014-05-22T18:00:39.573

Viewed: 66 times

Active: 2014-05-22T18:08:12.287