Short answer: not in any practical way.

Medium answer: yes, but someone would have to surreptitiously obtain physical control of your phone long enough to install a new root CA.  (See Sean's answer)

Longer answer: of course it's theoretically possible, but the attacker would have to compromise a CA that you already trust.  Sadly, this isn't as outlandish a prospect as it should be, but it's still extremely unlikely.  I don't know how often Samsung or Google removes known-compromised CAs from the trust list, if ever, so I can't say how large the potential exposure is.  On the other hand, the only way you'd be caught by something like that would be as part of a very large, very sophisticated operation that was doing it to *everyone*.

You can issue your own certificate, signed against your own CA, and "just" ensure your own CA is imported into every client you use... I wouldn't bother, but it's an option.

-Adam

On Jan 18, 2014 3:37 AM, Trevor Cordes trevor@tecnopolis.ca wrote:

I'm just wondering if it is possible for someone to MitM me in the following scenario and intercept plaintext traffic:

dovecot imaps server with real thawte "quick" cert | imaps (ssl) | public wifi | android phone using imaps using "ssl" not "ssl (any cert)" option

For instance, can a malicious hotspot use some sort of interception technique / spoofing and some sort of wildcard cert to trick my phone into negotiating SSL with it, which then does its own SSL to my dovecot server, thus MitM'ing me without me even knowing?  I know in a web browser I'd normally be protected against that by looking at the URL in the address bar, or the green EV-cert graphics (or am I wrong in even that assumption)?

How paranoid do I have to be?  And is there any way to beat any shortcoming on Android, perhaps with a client cert or a way to tie the account to a single manually-specified server SSL cert? _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable