←back to thread

Just want simple TLS for your .internal network?

(github.com)
246 points nh2 | 1 comments | 18 Oct 24 06:10 UTC | HN request time: 0.203s | source
Show context
Wowfunhappy ◴[22 Oct 24 12:52 UTC] No.41913728[source]
Is there really any benefit of this over just using HTTP?

What is the threat model in which an attacker could MitM your internal network?

replies(5): >>41913783 #>>41913784 #>>41915125 #>>41915370 #>>41915882 #
poincaredisk ◴[22 Oct 24 15:16 UTC] No.41915125[source]
>What is the threat model in which an attacker could MitM your internal network?

Police raid on your home/company. Malware on a router. Malicious actor in the server room. Possibilities are endless.

SSL added and removed here ;-)

(this is a reference, look it up if you don't recognize it)

replies(2): >>41915343 #>>41916818 #
1. marginalia_nu ◴[22 Oct 24 17:51 UTC] No.41916818[source]
Router malware is the one thing out of those thing that seem plausible.

If you have physical access, TLS isn't much protection against eavesdropping. At that point they can just compromise your hardware instead.