[LINK] All your internets are belong to us

[Martin Barry]

$quoted_author = "Rick Welykochy" ;
> 
> Martin Barry wrote:
> 
> >- existing sessions could have, and appear to have, kept working during the
> >   leak. Unencrypted traffic transmitted during this time is obviously
> >   vulnerable.
> 
> I don't understand how a TCP session (i.e. stream) could live for
> very long if there is not a receiving end to the socket. Once the
> TCP send window is exhausted, doesn't the stream stall waiting for
> ACKs? No ACK, no stream AFAIK.

My understanding is that they effectively turned themselves into a transit
provider and were actually passing the traffic on towards the correct
destination.

So you were still (absent of any MITM attack) connecting to the correct
server, it's just that your packets were going via China first.

Also note, that it's most likely that routing to only one of the client or
server was affected (if at all) and hence only one side of the communication
would be sent the wrong way.

cheers
Marty