[brenns10]

A MITM attack requires an attacker is able to intercept and inject messages between you and the other side of your connection. So when you connect via HTTP to the IP, the attacker just masquerades as the intended target and either doesn't redirect to HTTPS or does so with their own self signed certificate.

[dudehere]

The problem with SSL certification on blockchain domains is that certificates from authorities cannot be made eternal. Either unmanned, or from CA. No real alternative.

[dudehere]

Ok, true. I think realistically, just use a community approved (and actually the only) software from the company who risks its huge business, if they become a MITM.

[cmeacham98]

Tons of people have an opportunity to MITM you and there's nothing any community approval can do about it because it's not their end of the connection.

The random on the coffee shop wifi.

Or the hacker on your apartment/university's poorly configured network.

Or your shady ISP.

Or your own government (especially likely in authoritarian countries decentralized solutions are supposed to help).

I see elsewhere you mentioned certificates on the blockchain. That could work, but someone has to actually create a standard and write the code to validate the certificate and get other people to use it, which hasn't happened yet.

[dudehere]

I am aware of SSL on blockchain domains, but this is pain in the ass. As I mention somewhere in this thread, if random downloaders lose the same concerns about privacy as serial killers and child traffickers, I think it's better to buy a book, than to actually satisfy such demands. It can be a good joke for stand-up, though, but since there have been only a few individuals caught in the entire mankind history for making or hosting such libraries, it's not more than a joke which should not detail the world from using high tech. No need to be afraid as an academic exercise. In reality nobody needs users. At all. A few owners vs a billion users... No, bro, no. We are wasting time discussing how a book without any private data is "defaced". It is possible, if to stick a dynamite up the ass, but likely without real exposure or, let alone, the interest of all those 12 lawyers in the world fighting with piracy.

Have a glass of wine and relax. There is a long line of people to catch before you get on the list.

[cmeacham98]

I'm not worried about getting "caught" for piracy, I'm worried about some asshole in the middle hijacking my connection.

Story time: back when I was in college a few years ago, the university network had some weird configuration where everybody in my dorm was on a single large local network. Somebody thought it would be funny if they ARP poisoned the network and redirected all HTTP traffic to shock websites. This would last 2-3 weeks until either they decided to stop or University IT finally caught them.

Regardless, I'm glad we moved the goalposts to "you don't need privacy" and conceded that my original comment pointing out how insecure this was is correct.

[dudehere]

There is always a trade-off between convenience and security, and in the comment about http user's convenience is considered a priority.

Papers are distributed with IP-addresses stamped in many pdf files upon their downloading from publishers, and nobody seems discussing it. This is incomparably more harmful than some random MITM somewhere done by someone and requiring an infrastructure invasion. But even this has not yet posed a real threat.

BitTorrent: anybody directly intercepts the IP-addresses of seeders, and again, no much worry. No need to hack in as with MITM, it's just yours, go watch.

So, no problem with MITM in this project, at all. People who want to steel the projects reputation or name, simply squat domains or make various groups.

In my opinion MITM is no much different from intercepting a phone conversation by connecting to physical wires going to your apartment. It's very localized.

[dudehere]

True, but I gave a solution for such countries and other cases along the lines: use VPN. It fully recovers security. You only need to quit your local network to bypass MITM risk. VPN does a lot more for your security and privacy.

It is not less secure since there's no equivalent more secure option. Don't mix problems of your network access with global decentralization. Decentralization alone is a way for better security by obscurity, but you should appreciate that whoever makes the project are volunteers having scarce resource and who don't want to make it a job for making it perfect for infinitesimal concerns.

I have no idea what "original" you refer to in this context. If the Web is more secure with broken HTTPS here and there and fully centralized access, you probably didn't fully understand what the dWeb project is doing.

[cmeacham98]

You can claim that MITM attacks are "localized" and "one-off", but in reality there are entire countries that MITM their citizens, the most well known example being the Great Firewall of China.

What is the point of a decentralized solution that is less secure than the original and can be easily thwarted by more actors than the original (which we know happens to entire countries in the real world)?

[dudehere]

I've just reread my message above, it has many mobile typos. Sorry about that. I hope it wasn't too derailing.

About MITM I'd like to add that this event is an exception even for a single person, since (the same) MITM cannot occur on different millions of network we all randomly switch. Anybody would see that the target site doesn't behave as normal at some point, should such an event happen.

Indeed, malicious networks exist and the key points here about them would be: 1) the current libgen.crypto implementation is read-only and doesn't request anything of value to be transmitted over the network; 2) your personal visiting statistics would quickly reveal, if MITM attack occurred. Eventually MITM is not more than site defacing. It's not going to be unnoticed in a read-only project, if starts behaving suspeceously.

Everyone knows what results to expect from LG (remember, the original LG project sets reputation and ethics as the top priority), there should be no issue to simply stop browsing.

Also, to avoid local network tricks (which can be very harmful), use VPN whenever possible. Nowadays it seems to be a universal tool everybody should have.

And don't connect to random WiFi networks ever. Only to those which belong to organizations you visit and are trusted.

Your post was correct, yes, since it stems from a mere HTTP protocol observation, but it ignores why it's the only way to access for some systems with some features, and that the expected harm of it for an average individual is practically zero. All variations of LG have been running without SSL for longer than a decade globally, and no problem. So, on the practical foot it's not a concern, (take into account my other comments about various issues introducing HTTPS in every part of the system).

Let's quantify it somehow to actually see if this is a concern beyond an academic exercise:

1 user out of a million users on a million networks a year may get a wrong forward due to a MITM attack on his network and notice that it is not the site he has seen a hundred times before. The probability of such an event for an average individual is something like 0.00000000000001 per annum. I call it a practical zero.

Should one get a small permanent job servicing certification for a dozen randomly expiring systems and paying money with the risk that an expired certificate, should the person die, would practically block access to resource, to get the practical zero to real zero?

My answer would be definitely not, this would be waste of life. We all know Http has this flow, but return to that comment about using http: it actually tells you may not have access at all, if you use https (not always, though, but that comment is a hint, not a statement you don't need security). Here's the choice: access with http or secure no access via https? I think there is no real choice. Neither that comment tells you more than to remember a pattern to use with dWeb domain names which reliably works.

Summarizing, your logic is correct but not practically helpful.

Story time: about 10 years ago a forker from ebookoid came in to the LG forum and started aggressively promote his site, an LG fork, selling books, while pointing out how poor LG's security was since it had no SSL/HTTPS, and his site had it. A scammer with a legit encryption was humiliating a legit project without encryption.

I hope you get my point: don't make a storm in a glass of water, because some less knowledgeable people may take it as a real breach which it is not )