The Man in the Middle Threat Model

Reasoning about an attacker who sits on the path and can read or alter traffic.

The Attacker on the Path

A man in the middle sits between two parties who believe they are talking directly to each other. The attacker may be on shared Wi-Fi, on a compromised router, behind a rogue access point, or anywhere else on the route the packets take. Depending on position and capability, the attacker can read, modify, drop, inject, or replay messages.

The threat model assumes the network is hostile. You should never trust that data arrives unread or unchanged just because it reached the right host.

Defenses That Hold Up

  • Authenticated encryption (an AEAD such as AES-GCM or ChaCha20-Poly1305) stops reading and silent modification: the attacker can still drop or delay ciphertext, but cannot alter it without the receiver noticing.
  • Server authentication through certificates stops the attacker from impersonating the endpoint, provided the client actually validates the chain and the hostname instead of accepting any certificate it is shown.
  • Keyed integrity checks (a MAC, or the tag an AEAD produces) detect altered messages; an unkeyed checksum or hash does not, because the attacker simply recomputes it after editing.
  • Pinning narrows trust so a certificate the client does not expect is rejected even when some trusted CA signed it; plan key rotation before deploying it, or a pin failure locks out your own clients.
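The difference between a keyed and an unkeyed integrity check is easy to see in code. The following is an added example, not code from the lesson: a toy stream cipher (its keystream is HMAC-SHA256 in counter mode, standing in for a real cipher such as AES so the block runs with the standard library only) protected once by an unkeyed CRC32 and once by an HMAC tag. The attacker on the path knows the message layout, flips ciphertext bits to change the amount, and repairs the checksum where that is possible. Keys, nonce and the payment message are constructed for the example.

```python
"""Added example (not part of the lesson): why a keyed integrity check holds
up against an attacker on the path while an unkeyed checksum does not.

Standard library only. The stream cipher is a TOY: its keystream is
HMAC-SHA256 in counter mode, standing in for a real cipher such as AES so
the example runs anywhere. Keys, nonce and the message are constructed.
"""
import hashlib
import hmac
import os
import zlib


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256(key, nonce || counter) blocks, truncated."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Scheme A: encryption plus an unkeyed CRC32 "integrity check".
def seal_crc(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ct = xor(plaintext, keystream(key, nonce, len(plaintext)))
    return ct + zlib.crc32(ct).to_bytes(4, "big")


def open_crc(key: bytes, nonce: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-4], blob[-4:]
    if zlib.crc32(ct).to_bytes(4, "big") != tag:
        raise ValueError("crc mismatch")
    return xor(ct, keystream(key, nonce, len(ct)))


# Scheme B: encrypt-then-MAC with HMAC-SHA256 over nonce || ciphertext.
def seal_mac(key_enc: bytes, key_mac: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ct = xor(plaintext, keystream(key_enc, nonce, len(plaintext)))
    return ct + hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()


def open_mac(key_enc: bytes, key_mac: bytes, nonce: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("tag mismatch")
    return xor(ct, keystream(key_enc, nonce, len(ct)))


# The attacker on the path. They cannot decrypt, but they know the message
# layout "PAY 0100 TO alice" (the amount starts at offset 4) and flip
# ciphertext bits; with a stream cipher the same bits flip in the plaintext.
# With an unkeyed CRC they simply recompute it afterwards.
def flip_amount(ct: bytes, old: bytes = b"0100", new: bytes = b"9100", offset: int = 4) -> bytes:
    buf = bytearray(ct)
    for i, d in enumerate(xor(old, new)):
        buf[offset + i] ^= d
    return bytes(buf)


def attack_crc(blob: bytes) -> bytes:
    ct = flip_amount(blob[:-4])
    return ct + zlib.crc32(ct).to_bytes(4, "big")  # checksum repaired by the attacker


def attack_mac(blob: bytes) -> bytes:
    return flip_amount(blob[:-32]) + blob[-32:]  # old tag kept; no key to forge a new one


def demo() -> dict:
    key_enc, key_mac, nonce = os.urandom(32), os.urandom(32), os.urandom(12)
    msg = b"PAY 0100 TO alice"

    # Scheme A: the receiver accepts the altered payment.
    crc_accepted = open_crc(key_enc, nonce, attack_crc(seal_crc(key_enc, nonce, msg)))

    # Scheme B: the receiver rejects it.
    try:
        open_mac(key_enc, key_mac, nonce, attack_mac(seal_mac(key_enc, key_mac, nonce, msg)))
        mac_rejected = False
    except ValueError:
        mac_rejected = True

    return {"crc_accepted": crc_accepted, "mac_rejected": mac_rejected}


if __name__ == "__main__":
    print(demo())  # crc_accepted: b'PAY 9100 TO alice', mac_rejected: True
```

The CRC scheme fails exactly the way the bullet above warns: the receiver's check passes because the attacker recomputed it, and the decrypted amount has changed. The HMAC scheme fails closed because the tag depends on a key the attacker does not hold. A real AEAD folds the tag into the cipher and verifies it before returning any plaintext; the toy keeps the two steps separate only so the difference is visible.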

A passive eavesdropper only reads; an active attacker rewrites, drops, or injects traffic. The most common live attack does not break the encryption at all but downgrades or strips it, for example by rewriting https:// links to http:// in a plaintext page so the victim never opens a TLS connection. Serve HTTPS only, send Strict-Transport-Security so browsers refuse plaintext for your host, and never fall back to plaintext when the secure connection fails.
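To make the stripping attack and the refusal to fall back concrete, here is an added example (not code from the lesson) of a minimal client-side HSTS cache. It parses a Strict-Transport-Security header, ignores the policy when it arrives over plaintext as RFC 6797 requires, upgrades stripped http:// links for known hosts and their subdomains, and lets the entry expire. The hostnames, header values and page body are constructed for the example; nothing touches the network.

```python
"""Added example (not part of the lesson): a client-side HSTS cache that
turns a stripped http:// link back into https:// and ignores the policy
when it arrives over plaintext. Everything is simulated in memory; hosts,
header values and the page body are constructed for the example.
"""
import re
from urllib.parse import urlsplit, urlunsplit


def parse_hsts(header_value: str):
    """Parse a Strict-Transport-Security value into (max_age, include_subdomains),
    or None when there is no usable max-age."""
    max_age, include_sub = None, False
    for directive in header_value.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            try:
                max_age = int(value.strip().strip('"'))
            except ValueError:
                return None
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)


class HstsCache:
    """Remembers which hosts have asked to be reached over HTTPS only."""

    def __init__(self):
        self._entries = {}  # host -> (expires_at, include_subdomains)

    def learn(self, url: str, header_value: str, now: int) -> bool:
        parts = urlsplit(url)
        if parts.scheme != "https":
            return False  # RFC 6797: a policy received over plaintext is ignored
        parsed = parse_hsts(header_value)
        if parsed is None:
            return False
        max_age, include_sub = parsed
        if max_age == 0:
            self._entries.pop(parts.hostname, None)  # max-age=0 withdraws the policy
        else:
            self._entries[parts.hostname] = (now + max_age, include_sub)
        return True

    def _known(self, host: str, now: int) -> bool:
        labels = host.split(".")
        for i in range(len(labels)):
            entry = self._entries.get(".".join(labels[i:]))
            if entry is None:
                continue
            expires_at, include_sub = entry
            if now < expires_at and (i == 0 or include_sub):
                return True
        return False

    def rewrite(self, url: str, now: int) -> str:
        """Upgrade http:// to https:// for known hosts; leave other URLs alone."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self._known(parts.hostname, now):
            return urlunsplit(("https",) + tuple(parts[1:]))
        return url


def ssl_strip(body: str) -> str:
    """What the attacker on the path does to a plaintext page: rewrite the
    links so the victim never starts a TLS connection."""
    return body.replace("https://", "http://")


def demo() -> dict:
    now = 1_700_000_000
    cache = HstsCache()
    # 1. An earlier genuine HTTPS visit delivered the policy.
    cache.learn("https://bank.example/", "max-age=31536000; includeSubDomains", now)
    # 2. Later, the attacker serves a stripped page (constructed body).
    page = ('<a href="https://bank.example/login">Log in</a> '
            '<a href="https://api.bank.example/v1">API</a>')
    links = re.findall(r'href="([^"]+)"', ssl_strip(page))
    return {
        "stripped": links,
        "upgraded": [cache.rewrite(u, now) for u in links],
        "unknown_host": cache.rewrite("http://news.example/", now),
        "after_expiry": cache.rewrite("http://bank.example/login", now + 31536000),
        "policy_over_http_ignored": cache.learn("http://bank.example/", "max-age=99999", now),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Two caveats fall out of the results. A host the client has never visited over HTTPS (`news.example` above) is still stripped, which is why the first connection is the dangerous one and why browser preload lists exist. And the protection lapses once max-age runs out, so send the header on every HTTPS response rather than only on the first.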

Key idea

The man in the middle model treats the network as hostile: an attacker on the path may read or alter traffic. Defend with authenticated encryption, verified server identity, and a refusal to fall back to plaintext.

Check yourself

1. What core assumption defines the man in the middle threat model?

2. Which defense prevents the attacker from impersonating the server?