Man in the Middle Attacks & Superfish - Computerphile

Published 2015-10-23
Lenovo sold thousands of computers all carrying the Superfish software. Tom Scott explains what a security nightmare this became.

More Tom Scott:
youtube.com/enyay
www.twitter.com/tomscott


CORRECTION: At 2min 46secs Tom says "Private Key" when he means "Public Key" - The private key is not shared.

Chip & PIN Fraud: Chip & PIN Fraud Explained - Computer...
Could We Ban Encryption?: Could We Ban Encryption? - Computerphile
How Blurs & Filters work: How Blurs & Filters Work - Computerphile
Numberphile: Encryption & Huge Numbers: Encryption and HUGE numbers - Numberp...
Public Key Cryptography: Public Key Cryptography - Computerphile

www.facebook.com/computerphile
twitter.com/computer_phile

This video was filmed and edited by Sean Riley.

Computer Science at the University of Nottingham: bit.ly/nottscomputer

Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharan.com/

All Comments (21)
  • After this video I can't help but imagine each of the Computerphile guys are kept seated in a different corner of that room and the camera just swivels around when he needs to make a new video
  • @metalicarus8372
    You know something's bad when you hear Tom Scott say "never ever"
  • There was so much potential at 4:46 to fix the drawing by attaching a circle to the end of the factory and making it look like a giant key.
  • @NoriMori1992
    2:21 - "And they can only be unlocked by that server, because maths." 10/10 best explanation of public and private key crypto. XD
  • @TheBedheadman
    Even if Superfish had been secure, it's still a super sketchy thing that Lenovo was shipping their computers with adware.
  • This seems so easy when Tom Scott explains it. Everything seems easy when Tom Scott explains it. Tom Scott, would you mind becoming a teacher at my school?
  • @NotNite
    sees intro NOTICES I'M ON A LENOVO LAPTOP
  • "lenovo promised not to do it again" the fact that they did it in the first place is mind-boggling
  • @Azivegu
    That golden moment of pure sadness and disappointment of Tom at 6:35
  • @stensoft
    The private key is not shared with the certificate authority either, simply because they don't need it. Regarding the possibility that the NSA has keys to do MITM attacks: it's basically the same problem Turing faced when he broke Enigma. If they can do that, they can use it only as a very last resort and only when the message is extremely important, because as soon as someone finds out which authority they use (and when you use it, it's only a matter of time), everyone will dump the authority and they would need to start from scratch again.
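As an added illustration of the point in the comment above (the CA only ever receives the public key) and of the trust-store problem the video describes, here is a toy model in Python. It is not code from the video, from Lenovo or from any commenter: the Mersenne primes, the hostname "example.com", the nonce and the truncated-hash "padding" are all constructed for illustration and are nothing like the key sizes or PKCS#1 padding a real CA uses. The model issues a certificate from a CSR, has a browser verify it against its trust store and challenge the server to prove it holds the private key, and then shows what changes when an extra root is added to that trust store.

```python
import hashlib

# Constructed toy parameters: Mersenne primes stand in for the large random primes
# a real key generator draws, and SHA-256 is truncated so it fits below n. These
# are illustration assumptions, not the sizes or padding a real CA uses.
E = 65537
SERVER_PRIMES = (2**61 - 1, 2**89 - 1)
CA_PRIMES = (2**107 - 1, 2**127 - 1)
ATTACKER_PRIMES = (2**31 - 1, 2**521 - 1)


def keygen(primes, e=E):
    """Textbook RSA. Returns (public, private); the holder keeps `private` to itself."""
    p, q = primes
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # ValueError if e is not invertible mod phi
    return (n, e), (n, d)


def digest(data, n):
    """Toy hash-to-integer (truncated SHA-256, always below n); real RSA uses PKCS#1 padding."""
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big") % n


def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)


def verify(public, data, sig):
    n, e = public
    return pow(sig, e, n) == digest(data, n)


def cert_body(hostname, public):
    """What a CA signs: the hostname bound to the holder's PUBLIC key, nothing more."""
    n, e = public
    return f"{hostname}|{n}|{e}".encode()


def issue(ca_private, hostname, public):
    """CA side: the input is the CSR (hostname + public key); the server's private key never appears here."""
    return {"hostname": hostname, "public": public, "ca_sig": sign(ca_private, cert_body(hostname, public))}


def browser_accepts(trusted_roots, cert, hostname, nonce, nonce_sig):
    """Browser side: the cert must name this host and be signed by a root already in the
    trust store, and the peer must prove it holds the private key by signing the browser's nonce."""
    if cert["hostname"] != hostname:
        return False
    body = cert_body(cert["hostname"], cert["public"])
    if not any(verify(root, body, cert["ca_sig"]) for root in trusted_roots):
        return False
    return verify(cert["public"], nonce, nonce_sig)


def simulate():
    """Four connections to the constructed host 'example.com'; returns the browser's verdicts."""
    ca_public, ca_private = keygen(CA_PRIMES)
    server_public, server_private = keygen(SERVER_PRIMES)
    cert = issue(ca_private, "example.com", server_public)  # the CA only ever saw server_public
    nonce = b"constructed-nonce-0001"
    roots = [ca_public]

    genuine = browser_accepts(roots, cert, "example.com", nonce, sign(server_private, nonce))

    # Holding a copy of the (public) certificate without server_private cannot answer the nonce.
    atk_public, atk_private = keygen(ATTACKER_PRIMES)
    cert_without_key = browser_accepts(roots, cert, "example.com", nonce, sign(atk_private, nonce))

    # A certificate for the same name signed by a root the browser does not know is rejected...
    rogue_cert = issue(atk_private, "example.com", atk_public)  # self-signed
    unknown_root = browser_accepts(roots, rogue_cert, "example.com", nonce, sign(atk_private, nonce))

    # ...but once that root sits in the trust store, the same certificate passes every check.
    # That is the failure mode the video describes: the trust store, not the maths, is the weak point.
    root_installed = browser_accepts(roots + [atk_public], rogue_cert, "example.com", nonce,
                                     sign(atk_private, nonce))
    return {"genuine": genuine, "cert_without_key": cert_without_key,
            "unknown_root": unknown_root, "root_installed": root_installed}


if __name__ == "__main__":
    print(simulate())
```

The defender's takeaway is in the last two verdicts: every signature check passes for the self-signed certificate as soon as its root is trusted, so auditing which roots a machine trusts (and removing ones that should not be there, as Lenovo's fix did for Superfish) is what the protection actually rests on.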
  • @xilent3828
    2:46 he meant "Here's my Public Key". I'd advise that you add an annotation just so no one gets confused.
  • @veggiet2009
    8:58 - Anyone else go up and click the green padlock in the URL at this point in the video?
  • @mrdaxtercrane
    "Extremely illegal, so DON'T do that!" You'd think that the people doing that honestly don't care about that.
  • @Epicmylikes
    Computerphile videos involving Mr. Scott are by far my favorite. They're all great, but I really enjoy how he talks about things.
  • @mekb1
    Ahh, so that's why the red "Insecure connection" screen pops up when I'm running a local server and I go to a domain which points to localhost.
  • @DrRChandra
    Unfortunately, this is one of the misplaced trust aspects of networking which is carried forward into IPv6. Router advertisements carry no validation; anything attached to the network can claim to be a router and set a prefix for the network. It's the same sad story for NDP. Yes, there is SEND, but it's an addon afterthought which is by no means mandatory to implement. wow...not just echo, but ringing echo as well. There has to be a happy medium between this and dragging everyone into a studio.
  • @therealquade
    Just a heads up, the NSA is cracking encryption based on 1024 bit primes, at a rate of roughly 1 per year including RSA and subsequent iterations. sooo we should have switched to 2048 bit by now, but at this point 4096 should be being prepped.
  • Great work, you guys go into more depth than the average tutorials and the information is strong.
  • @mistermuffin710
    Tom Scott's videos on Computerphile are my favorite videos!