[LINK] All your internets are belong to us
ben at adversary.org
Thu Nov 25 04:53:49 AEDT 2010
On 24/11/10 7:20 AM, Martin Barry wrote:
> My understanding is that they effectively turned themselves into a
> transit provider and were actually passing the traffic on towards
> the correct destination.
That does appear to be what happened.
> So you were still (absent of any MITM attack) connecting to the
> correct server, it's just that your packets were going via China
I don't think that the concern is that there may have been a MitM
attack on one or more data transmissions during the hijack window, I
think the concern is that a copy of that data may have been retained
for analysis and that data may include data from networks which would
prefer it never reach China (e.g. Defense traffic).
> Also note, that it's most likely that routing to only one of the
> client or server was affected (if at all) and hence only one side of
> the communication would be sent the wrong way.
That is probable for a lot of the traffic, but certainly no guarantee
of all of it. We'd need to have a look at which routes were diverted
and which networks accepted the new routing information.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 259 bytes
Desc: OpenPGP digital signature
More information about the Link