--------------------------------- https is one of the secure protocol that is, in now a days, used as a basic need to transmit data securely in internet applications(our application do use https). SSL is what encrypts the data sent through the https which sits below the http and encrypts the http data using a common encryption algorithm agreed between server and client. what happens if the data is sniffed in between the http and SSL, i.e we get the data before it reaches the SSL layer. we log the data and then send it to ssl. its like man-in-middle-attack, but between the http and ssl. i wrote an application that will alter the internet connection programmatically to enable this way of sniffing, then log the data, then send to ssl. i restricted the user in restoring the default internet settings.
if this is the case, then why not a malware, virus or trojans can sniff data easily which we believe is sent through a secure protocol. is the answer to this problem lies only with the independent system users, cleaning and securing their system with anti-virus, anti-trojan, anti-malware systems? does any virus or trojans exists with this kind of functionality? am i reinventing this problem?
If a machine is malware-infected all bets as to the security and privacy of it are off anyway. That is to say, if that's a possibility, then there may be larger problems than worrying about the sniffing of transmissions that should be SSL-encrypted.
Having said that, the SSL en/decryption and display of data all happens in the browser. So unless part of the browser binary has been altered, there isn't much chance of a piece of malware actually observing the data. That's just an educated guess on my part, though, and may be dependent on the underlying OS.