[LINK] All your internets are belong to us

Martin Barry marty at supine.com
Wed Nov 24 07:16:36 AEDT 2010


$quoted_author = "Stilgherrian" ;
> 
> On 23/11/2010, at 10:11 PM, Martin Barry wrote:
> > Taking the tin-foil hat off:
> > 
> > - there is no evidence that any data was captured during the leak
> 
> Yes, but what would such evidence look like? I'm not suggesting that data
> *was* captured, but there'd be no way of telling because said capture
> would all be happening in the foreign networks.
> 
> A stream of packets is going down a wire. From elsewhere on the network,
> how could you tell if a copy were being made? You couldn't.

If all they do is mirror a switch port and write out a copy to disk then you
will never know.

 
> > - there is no evidence that the leak was anything other than a configuration
> >  error
> 
> The most likely explanation, sure, but again.
> 
> I must stress, I agree with the overall view that this is nothing more nor
> less than a routine glitch, just a bit bigger than we usually see. But
> absence of evidence is not evidence of absence. That is, I'm having a got
> at your logic rather than your conclusions.

I was merely pointing out both sides of this. No one knows what really
happened except those who caused the leak.

I think the most interesting issue it raises is the degree of trust we
extend to organisations we know very little about. I'm referring to both
root certificates installed by default and the global routing configurations
which allow such leaks to occur.

cheers
Marty



More information about the Link mailing list