Quiz Entry - updated: 2026.07.05
What is a Man-in-the-Middle (MITM) attack and how does TLS help prevent it?
An attacker secretly relays traffic between client and server, impersonating each to the other; TLS blocks it by authenticating the server's certificate and encrypting the channel.
MITM Attack: An attacker positions themselves between client and server, pretending to be:
- The server to the client
- The client to the server
This allows them to intercept, read, and modify all communication.
TLS prevents MITM by:
- Authenticating the server via certificates
- Encrypting the communication channel
But MITM can still occur if:
- User ignores certificate warnings
- Attacker has a trusted CA certificate
- TLS is misconfigured or downgraded
Go deeper:
Man-in-the-middle attack (Wikipedia) — the interception model, real examples, and the authentication defences that stop it.