When you enter expressvpn.com into your browser bar, your computer looks up the IP address of expressvpn.com in a global database called DNS, which acts like a phone book for websites.
These global databases are mirrored across different servers around the world, and one is often situated very close to your present location, wherever you are.
Domain name system operators
Your local telecommunications provider probably maintains such a DNS server. Google, ExpressVPN, and others also run their own DNS services, although for different reasons. Google wants to know every single page that you navigate to while ExpressVPN runs the service to protect your privacy and increase your browsing speed.
There are also other, free DNS services that promise privacy and censorship resistance, like the Open NIC Project.
What are man-in-the-middle attacks?
A man-in-the-middle attack (also described as monster-in-the-middle, or MITM) describes a very specific attack in which the attacker sits between the two victims (in this case, you and the server). Both sides are victims because both sides are tricked into thinking they are communicating directly with each other when in fact they are talking through a third party, the attacker.
The DNS system is a common place for such an attack. The MITM would take place between you at the DNS server, with the same effect as you talking to a malicious or hacked server. There is no way of knowing whether the DNS server is returning the correct IP address, as they are not cryptographically signed, so it’s possible you might end up on the wrong server, or the server of the attacker, when you type in a web address.
Of course, in reality, a man-in-the-middle attacker does not have to be a man, monster or even a single person. It could be a group of people, but it’s most likely simply a piece of software operated by a nefarious individual or group.
HTTPS and the green lock
In the case of DNS, the solution to the MITM problem is HTTPS (Hypertext Transfer Protocol Secure).
HTTP, Hypertext Transfer Protocol, was developed in the 1990s. Since 1997, HTTP has been the de-facto standard to exchange structured text—i.e., websites—across the web.
HTTPS significantly improved the security of HTTP in the late 2000s. The S stands for secure, and currently relies on TLS (Transport Layer Security) for security. TLS’s predecessor SSL has increasingly become redundant and is no longer supported by modern browsers.
HTTPS does two things: It encrypts the traffic between you and the site you are visiting, and it provides you with authentication that the site you are visiting is really the site you intend to visit. You can tell if a site uses HTTPS, as a lock symbol will appear in your browser bar.
To achieve this, the owner of the site is required to register their encryption keys with a Certificate Authority (CA). The keys and registrations are made public to ensure that if a certificate is issued incorrectly, the owner can easily find out, as happens to Google frequently. You can look up anybody’s CA certificates using Google’s online transparency tool. You just have to type in their URL.
So as long every site uses HTTPS, and as long as we check each site we visit for the lock in the browser bar, we are for the most part safe from these man-in-the-middle attacks.
If we navigate to a new site and find that the connection is not being encrypted (no lock or even a “not secure” warning), it is impossible to know if the site doesn’t support encryption (in which case we might publicly shame them and avoid them until they do) or whether we are victim to a man-in-the-middle attack.
Even if a site requires you to connect to their site through an encrypted channel, a man-in-the-middle attack might encrypt the connection, leading the site to believe everything is fine, when, in fact, the connection between the attacker and the user remains unencrypted.
Authentication through certificate authorities
Encryption is an important step to protecting you from MITM, but they do require authentication. Otherwise an attacker would be able to easily set up two encrypted connections between them and you, and them and the server. Both victims would think they are communicating through a secure encrypted channel, but all data is decrypted and read by the attacker.
HTTPS allows for authentication of domain names. Upon successfully connecting through HTTPS with a remote server, we are handed a certificate that verifies that the server is authenticated to serve on behalf of their domain.
However, an attacker might be able to fraudulently obtain such a certificate.
Strict transport security is a higher level of security
To protect against this, ExpressVPN and many others use something called HSTS (HTTP Strict Transport Security).
When you first connect to an HSTS website, the website instructs your browser to only ever connect through HTTPS in the future and never connect through any unencrypted means. This only works, however, if the first time you connect to the site you are not already being attacked.
When properly implemented, HSTS ensures that all future connections are not only encrypted but authenticated with the same key, meaning that even in the unlikely event an attacker could trick a browser into an encrypted connection, such a connection would fail.
Some popular, high-profile websites do go a step further and have persuaded developers of major browsers to include a special rule into their software to ensure that even a first-time connection is made over an encrypted channel.
HTTPS Everywhere for your browser
The Electronic Frontier Foundation has released a clever tool called HTTPS Everywhere that allows you to set rules for all the sites you visit and forces your browser to only use https. This makes it far less likely that you accidentally overlook a man-in-the-middle-attack.
HTTPS Everywhere is an extension to your browser. You can even set a rule that blocks all connections made with HTTP, although sadly this makes many sites unusable.
Other man-in-the-middle attack targets
Man-in-the-middle attacks are not limited to browsing. They are a threat wherever encryption is used, such as email or chat messaging. In encrypted chat and email, the strategy of the attack is similar to that of web browsing, but the defense is slightly different.
Virtual Private Networks
VPNs are also prone to MITM. The most common way to defend against them is even more robust than that for websites. Instead of “trusting” the encryption key of the server you are connecting to for the first time, your VPN software comes preloaded with its own certificate authority. Your VPN will only connect to a server that is able to present a signed certificate from the VPN provider.
When setting up your VPN manually, you will notice at which point the CA is loaded.
Off-the-record messaging (OTR)
OTR is a protocol that allows for strong encrypted chat conversations between individuals. When OTR chat is initiated, encryption keys are exchanged between the users. If an attacker places themselves in the middle of two users, they could set up two separate encrypted chats with the two victims, making them believe they are talking directly to each other.
As Certificate Authorities don’t exist for chat apps, the two users need to verify their keys manually to ensure they are indeed talking directly to each other. They can do this by listing their keys on their website, business card, or communicating it over any secure channel that the attacker would not have access to.
Signal and other encrypted chat apps
Chat applications that offer encrypted chats between their users also require a mechanism to protect against MITM. In Signal for example, you can see a long string of numbers for each chat by clicking on your contacts and selecting “View Safety Number.” One half is the fingerprint of your own key, the other that of your contact.
Pretty Good Privacy (PGP)
PGP is the gold standard in encryption. It is used to encrypt text, emails, and files. It can also be used to verify the integrity of any kind of data.
Since anyone can create a PGP key, an attacker might simply distribute a key in the name of an intended victim. Now, if anyone tries to communicate with the victim, they actually end up communicating with the attacker, who will forward the messages to the victim. Both parties think that since they are using PGP, they are secure, but instead they are outright sharing their messages with the attacker.
PGP keys are commonly uploaded to keyservers, where they become publicly visible. To defend against false keys, PGP uses a feature called key signing. This works by getting several of your colleagues and trusted friends to sign your key. Working on the principle everyone on the internet is connected through less than four people, it’s likely that someone you trust has signed a stranger’s key.
In practice, however, keys are not commonly signed, and you will still need to rely on authenticating your chat partner yourself.
Some chat apps, such as Signal and Telegram, allow you to verify the fingerprint of your conversation partner and, therefore, have some mechanism to detect man-in-the-middle attacks.
Other encrypted message platforms, such as iMessage, do not have these features. They leave you in the dark about such attacks, so you are forced to rely on the service to defend you, somehow.
Checking that the sites you visit are using sufficient encryption is the only effective defense against man-in-the-middle attacks.
For sites you regularly visit, the HTTPS Everywhere extension will make sure every time you connect to the site, it is over an encrypted connection. Doing so ensures an attacker cannot trick you into entering information to a server that merely impersonates the server you wanted to be connected to.
When the green lock is missing, under no circumstances should you enter any personal information such as email addresses or passwords. If there is no green lock on display, try again later, connect through a VPN, or reach out to the website operator.