[LINK] Rogue SSL Certs Issued For CIA, MI6, Mossad
Fernando Cassia
fcassia at gmail.com
Tue Sep 6 19:58:05 AEST 2011
On Tue, Sep 6, 2011 at 05:53, Kim Holburn <kim at holburn.net> wrote:
> Seems this was the Iranians in a bid to tap into encrypted traffic of their own citizens. The worry is that our western governments can "probably" get any of these kind of certificates they want without hacking!
>
And their own citizens are connecting over SSL to CIA, MI6, MOSSAD?.
It seems to me like they want to use these certificates for "man in
the middle" attacks, to replace CIA, MI6, MOSSAD servers with their
own (DNS spoofing) and then present these fake certificates to people
wanting to connect to those sites from inside China. In other words,
they can use (well, no longer if those are revoked from browsers)
those certificates to take a peek into foreign agents operating within
Chinese territory and connecting with encryption to the mentioned
sites.
Let me know if I'm missing something, my logic can be a bit flawed at
7am local time before my first cup of coffee.
FC
More information about the Link
mailing list