MITM
man in the middle
- [[spoofing]]
- SSL Stripping (SSL/HTTP downgrade)
  - whenever user first visits website, they actually visit HTTP version first
  - hacker intervenes, user only ever sees HTTPS website
- DoS (denial of service)
- prevention
  - [[PFS]] for browser security
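
The first-visit window noted under SSL Stripping can be audited from the defender's side. The sketch below is an added example, not part of the original notes: it walks a recorded chain of first-visit hops and reports where the exchange is plaintext. The hostnames, hop records and function names are constructed, and the `Strict-Transport-Security` (HSTS) check is an assumption brought in here, since the notes do not mention that header.

```python
from urllib.parse import urlsplit

# Constructed sample: the hops a browser makes on a first visit to a site
# typed without a scheme. Hostnames and header values are made up.
FIRST_VISIT = [
    {"url": "http://shop.example/", "status": 301,
     "headers": {"Location": "https://shop.example/"}},
    {"url": "https://shop.example/", "status": 200,
     "headers": {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}},
]
# Constructed sample: the same visit when the redirect to HTTPS never
# reaches the browser.
STRIPPED_VISIT = [
    {"url": "http://shop.example/", "status": 200, "headers": {}},
]

def hsts_max_age(headers):
    """Return max-age in seconds from an HSTS header, or 0 if absent/invalid."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), "")
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.lower() == "max-age" and arg.strip('"').isdigit():
            return int(arg.strip('"'))
    return 0

def audit_first_visit(hops):
    """Summarise where a first visit is exposed to an HTTP downgrade."""
    findings = []
    schemes = [urlsplit(h["url"]).scheme for h in hops]
    if schemes[0] == "http":
        # The redirect itself travels unauthenticated, so it can be altered.
        findings.append("first request is plaintext")
    if "https" not in schemes:
        findings.append("never upgraded to HTTPS")
        return findings
    if schemes[-1] != "https":
        findings.append("ends on plaintext page")
    elif hsts_max_age(hops[-1]["headers"]) == 0:
        # Without a stored policy, the next visit starts on HTTP again.
        findings.append("HTTPS response sets no HSTS policy")
    return findings
```
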