[LINK] All your internets are belong to us

Kim Holburn kim at holburn.net
Wed Nov 24 08:52:12 AEDT 2010

On 2010/Nov/23, at 10:11 PM, Martin Barry wrote:
$quoted_author = "Karl Auer" ;
>> Key words "unprotected communications". Anyone using encryption would
>> have had no problem at all. Well, non-delivery maybe, but not the wrong
>> people reading it, and not "manipulation".
> If I can take my tin-foil hat out and try it on for a minute:
> - this is one of the few instances where the network leaking routes could
>  handle the traffic directed at it. Usually the offending network just
>  performs a DOS on itself.
> - existing sessions could have, and appear to have, kept working during the
>  leak. Unencrypted traffic transmitted during this time is obviously
>  vulnerable.
> - HTTPS is usually assumed to be trustworthy due to the certificate chains
>  used by browsers to check the servers certificate. MITM attacks require
>  the attacker to control one of these certificate chains.
> - China Internet Network Information Centre has one of those trusted root
>  certificates.
> Taking the tin-foil hat off:
> - there is no evidence that any data was captured during the leak

Nearly all our overseas traffic is routed through the US.  We're pretty sure they have the equipment to capture large amounts of it if they want to.  And they do want to.  They certainly have access to certificates so they could retroactively decrypt some traffic if they so wanted.  They don't even need translators mostly.

> - there is no evidence that the leak was anything other than a configuration
>  error

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 

More information about the Link mailing list