You should actually try this some time. Let us know how it goes, assuming they have internet in whatever jail you're put in once airport security finds where the MITM traffic is coming from.
If you think that airports are filled with security people using antennas to catch people setting up fake wifis you are very wrong, let alone malls, cafes, hotels etc., which are good spots for these activities. I have acquaintances who have done this for fun, not doing anything really malicious, just some silly messing with people, and they've never been caught, not even close. How would they be caught, even? "You have to be in physical proximity" yeah, like within a 100 meter radius at an airport where there are 1000 people in that radius going in and out, doing stuff on their laptops and phones,
you won't get caught, and even if you somehow did, you would not know anything about it; it would just be some virus on your device or such, right?
You won't have to be a neckbearded sketchy guy sitting and sweating with a Guy Fawkes mask on in the corner. You can look quite normal and maybe even hide the actual device in your backpack and such, if you want to further avoid getting caught, that is.
Pulling off a MITM attack by itself is pretty hard already,
It is? Isn't the internet filled with tools and tutorials so that pretty much anyone who can follow simple instructions can pull it off? That's why I'm so worried about it: you don't need to be a genius to do it.
Just google something like "how to hack wifi sslstrip" or such and you will find how to do it.
This is only (partially) true the very first time you access the site
Yeah, but that just marginally reduces the risk. You cannot say that Russian roulette is a safe activity because "it's only such a small risk" to have a bullet in the chamber.
And if you get users used to clicking "Yes, I trust this certificate", they will just click that again when it pops up, etc. People switch devices and browsers and clear their cache, so they would have to press this trust button quite often.
You should not assume that users are rational or have sizeable knowledge about technology. You must design things so that your average user won't fuck up too much. If no one ever made mistakes, we would not need many of the things that we have, but not all people are nerds who know about those things.
getting a proper SSL certificate for your website which handles credit cards and user data is pretty ridiculous
Payments are done via other providers,
BUT, if there is a MITM attack, the attacker can put his own payment links to his own sketchy credit-card-logging sites, so I think that even if payments are technically handled off site, the site still takes great risks, as people trust the domain, which can contain links to payment sites which the users of course also thus trust.
Just get a proper certificate. It takes some maintenance, but security seems expensive until you get compromised or your users get compromised.
The question has not been about the monetary or time cost for a long time, but about principles and opinions about how certificates should work. Resistance to yielding to the system.
For those who are worried about whether the cert here is issued by a CA or self-signed, let me give you an exercise. Go out and read all the fine print on that certificate and figure out how hard they are to get. Literally anyone can get a certificate now, even if they've previously had certificates revoked for online chicanery. The CA system has killed itself, and I'll trust my own research for small websites over whatever bullshit these free certs claim to represent.
But the point of a certificate is not that the owner is "trustworthy" in general, but that the owner of the certificate also owns the site it has been issued for, and that they still do quite well.
The general advice to check that the url is correct and that there is a green lock is pretty good for the general public and simple enough for most people to follow.
HTTPS Everywhere installed and activated by default
If you still think that it can magically turn HTTP sites into HTTPS, you are wrong. It just rewrites the URL to https, so the original server must of course still support HTTPS.
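The two mechanics argued about above, that an HTTP-to-HTTPS upgrade (HTTPS Everywhere rewriting the URL, or the browser remembering an HSTS policy, which is presumably what "only true the very first time you access the site" refers to) can only help once the client already knows the host wants HTTPS, can be seen in a small policy store. This is an added example, not code from any poster or from HTTPS Everywhere; the host names, header values and timestamps are constructed, and the class follows the RFC 6797 rules as I understand them (max-age required, includeSubDomains optional, max-age=0 forgets the host).

```python
"""Minimal HSTS policy store, as an illustration (not browser code).

It shows the trust-on-first-use gap: the very first plain-http request to
a host is not upgraded, because nothing has told the client yet that the
host wants HTTPS. After the server's Strict-Transport-Security header has
been seen, later http:// URLs are rewritten to https://, which only helps
if the server actually serves HTTPS. Clearing the store (new device, new
browser, cleared cache) puts the client back at the unprotected first visit.
"""
from urllib.parse import urlsplit, urlunsplit


class HstsStore:
    """Remembers which hosts asked to be reached only over HTTPS."""

    def __init__(self):
        # host -> (expiry timestamp, includeSubDomains flag)
        self._policies = {}

    def process_header(self, host, header_value, now):
        """Record a Strict-Transport-Security header received over HTTPS.

        Returns True if a policy was stored or refreshed, False if the header
        was ignored (malformed or without max-age) or told us to forget the host.
        """
        max_age = None
        include_subdomains = False
        for directive in header_value.split(";"):
            name, _, value = directive.strip().partition("=")
            name = name.strip().lower()
            value = value.strip().strip('"')
            if name == "max-age":
                if not value.isdigit():
                    return False  # malformed: browsers ignore the whole header
                max_age = int(value)
            elif name == "includesubdomains":
                include_subdomains = True
        if max_age is None:
            return False  # max-age is mandatory; nothing to remember
        host = host.lower()
        if max_age == 0:
            self._policies.pop(host, None)  # max-age=0 means "forget me"
            return False
        self._policies[host] = (now + max_age, include_subdomains)
        return True

    def clear(self):
        """What a cleared cache, a new browser or a new device looks like."""
        self._policies.clear()

    def _has_policy(self, host, now):
        # Walk from the exact host up through its parent domains; a parent's
        # policy only applies if it carried includeSubDomains.
        labels = host.lower().split(".")
        for i in range(len(labels)):
            entry = self._policies.get(".".join(labels[i:]))
            if entry is None:
                continue
            expires_at, include_subdomains = entry
            if expires_at <= now:
                continue  # expired: behaves as if the host was never seen
            if i == 0 or include_subdomains:
                return True
        return False

    def should_upgrade(self, url, now):
        """True when a plain-http URL must be rewritten to https."""
        parts = urlsplit(url)
        if parts.scheme != "http":
            return False
        return self._has_policy(parts.hostname or "", now)

    def upgrade(self, url, now):
        """Rewrite the scheme to https if a policy applies; otherwise unchanged."""
        if not self.should_upgrade(url, now):
            return url
        parts = urlsplit(url)
        netloc = parts.netloc
        if netloc.endswith(":80"):
            netloc = netloc[:-3]  # explicit port 80 becomes the default https port
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    store = HstsStore()
    t0 = 1_000_000  # constructed clock, seconds
    first = "http://shop.example/login"
    print("first visit upgraded?", store.should_upgrade(first, t0))  # False: the MITM window
    store.process_header("shop.example", "max-age=31536000; includeSubDomains", t0)
    print("after header:", store.upgrade(first, t0 + 60))
    print("subdomain:", store.upgrade("http://pay.shop.example/checkout", t0 + 60))
    store.clear()
    print("after clearing cache, upgraded?", store.should_upgrade(first, t0 + 120))
```

The `should_upgrade` result on the very first request is the whole argument in one line: until the header has been seen (over HTTPS, on an earlier visit) there is nothing for the client to act on, and an attacker who controls that first connection can keep the client on plain HTTP. The rewrite itself is just a scheme change, so a server that does not listen on 443 simply fails after the rewrite.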
Let's not forget the Javascript contained on this website, too, if we're worried about data security. That's something Google themed browsers don't warn you about, yet is more dangerous than self-signed certificates.
I would say that the forum software used is pretty safe, as it's so old and (was) popular; most critical flaws have probably already been found!
People on this thread are worried about username+password leaking and also about a malicious user setting his own payment links so that the money/CC info gets stolen.