How Safe is SSL from MITM (Man In The Middle) Attacks?


infp - 9:45 pm on Jul 30, 2008 (gmt 0)


you only need to dnsspoof the destination and issue a fake SSL cert as a response

In other words, if the user uses the browser as they should, the attack fails.

If you visit a site with an SSL certificate that fails verification (based on root certificates) then IE7 displays a page saying something like "Warning: This server may not be secure and you should not view pages from it" (in IE6 the warning is not a dead-end whole screen, but a Yes/No dialog box -- but IE6 is fortunately dying).

In conclusion, if you use SSL and do not ignore warnings like "This site has an invalid certificate", then you don't have to worry about man-in-the-middle attacks even if you use open wifi. The rest is FUD.


Thread source: http://www.webmasterworld.com/website_technology/3711575.htm
Brought to you by WebmasterWorld: http://www.webmasterworld.com