If you go a public caffee shop, they have free wifi. How could you make sure your infomration cannot be read by a second person?
Well, in HTTP1.1, You cannot. But with HTTPS, it will encpty your data and only the server you are talking to can decode your data.
And how about you thought you are talking to the real server but actually you are not. MITM will redirect you to their server and decode the message and read, then send to the real server. One thing in HTTPS to prevent is Auth. To make sure you are talking to the right server.
[HTTPS] MAN IN THE MIDDLE (MITM)
原文:http://www.cnblogs.com/Answer1215/p/5636210.html