Does HTTPS really provide 100% privacy?

It all started with this blog mentioning HTTPS MITM possibilities. Quote:

Do you really believe you have end to end secure connection with your bank when you access your account from the office? Think again.

This got me into some research, especially after a few days later an announcement from CloudFlare came out. Here are the results: there are at least two scenarios for TMITM (Trusted Man In The Middle) HTTPS interception.

(more…)

Advertisements