Ask HN: Any tools to force TLS handshake to use “more secure” network?

1 points by plastroltech ↗ HN
Hey I'm not a security engineer but it occurred to me that when using an unsecured public WIFI network the real concern is in doing the initial TLS handshake over that network. My question is - If I switch my laptop to use a tethered network via my cellphone prior to hitting an HTTPS website and then switch it back to using the public WIFI after the connection has been established would I be improving my security while gaining the benefit of higher speed and cheaper wifi access (as opposed to doing the whole thing via the tethered connection)? If so are there any tools to handle this automatically?

4 comments

[ 3.1 ms ] story [ 23.4 ms ] thread
the real concern is in doing the initial TLS handshake over an unsecured public WIFI network

No, this isn't a concern due to PKI. (If you disagree with PKI you should stop using the Internet completely.)

If I switch my laptop to use a tethered network via my cellphone prior to hitting an HTTPS website and then switch it back to using the public WIFI after the connection has been established

This isn't possible because you have different IP addresses on those two networks and once a TCP connection has been established on one IP address it can't be moved to a different one.

Interesting... so there no security concern with using HTTPS on a public Wifi? I thought there was some way the connection could be hijacked. Thanks for the response.
WRT the second point, since HTTP is stateless doesn't it make a new connection for every request via whatever network is available?
And each connection makes a new TLS handshake.