
If anyone can answer me, please, I just need an answer. I know this maybe isn't the right place for this question.

I created a chat app with sockets in Java 8 and I use TLS 1.2. My question is: Is there any way that someone can read the data I send (read as in, he can decrypt it)? Maybe something like a man-in-the-middle attack or something else. I should note that the server which I use is just for sending incoming messages to destination clients (not storing anything on it).

I ask this because I was always wondering how come the people who use so-called protected apps get caught in the end. What if someone uses my app and starts sending some illegal stuff (literally anything)? Could this person get caught if there isn't any data stored on my server, and am I allowed to claim that my app is definitely secure?

Sorry if it's a stupid question.

GM dz0ji
  • Since this is [exactly the same question](https://unix.stackexchange.com/questions/728842/is-there-a-way-someone-can-read-arrays-of-bytes-which-i-send-with-java-sockets-w/728843?noredirect=1#comment1381899_728843) you've asked at [unix.se] you get exactly the same answer from me. – Steffen Ullrich Dec 18 '22 at 14:37
  • I understood you. It all made sense to me, I just want to hear if other people from another community have anything more to add. – GM dz0ji Dec 18 '22 at 14:45
  • OP, I don't think @SteffenUllrich could have made his answer any clearer [+1]. His third point is especially important. The client must have a way of authenticating the server's certificate - otherwise a bad actor between the client and the server who is able to dupe the client into trusting a fake certificate can mount a [MITM attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack). – mti2935 Dec 18 '22 at 14:50
  • So in other words, with MITM someone can read everything I send to someone in my secure channel? – GM dz0ji Dec 18 '22 at 14:59
  • Yes. If an attacker between you and the server can dupe you into trusting his (fake) certificate instead of the server's (real) certificate, then the attacker can read (and modify) everything sent (in both directions) between you and the server. That's why we have [certificate authorities, and PKI](https://security.stackexchange.com/questions/56389/ssl-certificate-framework-101-how-does-the-browser-actually-verify-the-validity); and that's why it is so important to not ignore certificate warnings in your browser. – mti2935 Dec 18 '22 at 15:14
  • That makes sense. Thank you for the detailed explanation. And thank you guys a lot. Sorry if I wasted your time; you helped me so much! – GM dz0ji Dec 18 '22 at 15:31

1 Answer


TLS protects the communication between client and server if properly implemented. This means

  • it does not protect against compromising the server or client
  • it does not protect against bugs in the application, like XSS, CSRF or similar in a web application
  • it does not protect against MITM attacks unless the client actually enforces that it gets the expected certificate from the server
  • if one of the endpoints of the communication is compromised, then the clear text communication might be intercepted before encryption or after decryption
Steffen Ullrich
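
The third point of the answer, as an added Java 8 example (not code from the question or the answer): a client that trusts only the certificates in its own trust store and turns on host-name checking, which a raw `SSLSocket` does not do by default. The host `chat.example.com`, port 8443, and the file `chat-truststore.jks` with its password are assumed placeholders.

```java
import javax.net.ssl.*;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;

/** Added example: TLS 1.2 chat client that refuses unexpected server certificates. */
public class PinnedTlsClient {

    /** Builds an SSLContext that trusts ONLY the certificates in the given trust store. */
    static SSLContext contextFor(String trustStorePath, char[] password) throws Exception {
        KeyStore trusted = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(trustStorePath)) {
            trusted.load(in, password);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trusted);
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, tmf.getTrustManagers(), null); // no client cert, default RNG
        return ctx;
    }

    /** Connects and completes the handshake, or throws if the certificate is not accepted. */
    static SSLSocket connect(SSLContext ctx, String host, int port) throws IOException {
        SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        SSLParameters params = socket.getSSLParameters();
        params.setProtocols(new String[] {"TLSv1.2"});
        // A plain SSLSocket validates the chain but NOT the host name unless this is set.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);
        try {
            socket.startHandshake(); // SSLHandshakeException on untrusted or mismatched cert
        } catch (IOException e) {
            socket.close();
            throw e;
        }
        return socket;
    }

    public static void main(String[] args) throws Exception {
        // Assumed placeholders: host, port, trust store file and password.
        SSLContext ctx = contextFor("chat-truststore.jks", "changeit".toCharArray());
        try (SSLSocket socket = connect(ctx, "chat.example.com", 8443)) {
            OutputStream out = socket.getOutputStream();
            out.write("hello\n".getBytes(StandardCharsets.UTF_8));
            out.flush();
        } catch (SSLHandshakeException e) {
            System.err.println("Refusing to send, certificate not accepted: " + e.getMessage());
        }
    }
}
```

As the answer's other points state, this only covers the network path: a compromised client or server still sees the clear text before encryption or after decryption.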