
This would break the chain of trust (you wouldn't trust the network's key signing the address for that zone).



The attacker doesn’t re-sign the DNS record with their own key; they just let the legitimately signed record through and use the IP address in that legitimate record themselves. If someone owns the network (or is an active MitM) they can control where IP addresses route to.



