Supposing I am transmitting data over a socket connection, and I am not concerned with the data being sniffed or with someone replacing my packets with bad information - the data is encrypted and the client and server are the only ones capable of decrypting it. Are there other security concerns with using ordinary sockets that are addressed by SSL/TLS? Thank you.
Are there other security concerns with using ordinary sockets that are addressed by SSL/TLS?
Apart from simply encrypting the data SSL/TLS also protects against replay attacks, tampering with the encrypted packets (simple encryption like AES allows modification of encrypted packets which still decrypt successfully into different content) and man in the middle attacks (due to authentication of the peer). With the right key exchange it also provides forward resistance (protection against collecting data and decrypting later with the hacked secret). And properly done it can also resist against time based side channel attacks.
Just using AES with a shared secret or even worse some home made encryption does not protect against most of this. Encryption is not simple so please don't roll your own but use existing and established technologies.