Encouraging a wider view

Posted Oct 1, 2013 13:38 UTC (Tue) by dlang (✭ supporter ✭, #313)
In reply to: Encouraging a wider view by intgr
Parent article: Encouraging a wider view

they don't need to change any data as part of their MITM (the NSA wants to read the data, not change it), so just comparing what was sent with what was received would not help any.

Ted discovered this because he had the particular cert pinned (i.e. he knew who the cert belonged to), so when he saw a different cert, he knew something was wrong.

and the new cert that was being presented was 'valid', just not the correct one.

so this seems like exactly the case that having encryption without knowing who the cert belongs to would have done no good.
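The pin check described in the comment above, as an added example that is not part of the original post or thread: normal CA validation accepts any certificate a trusted CA issued for the hostname, while a pin accepts only the one certificate recorded earlier. The function names are hypothetical, and the two byte strings are constructed stand-ins for DER certificates.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pinned_fp: str) -> bool:
    """True only if the presented certificate is the exact one that was pinned."""
    return hmac.compare_digest(fingerprint(der_cert), pinned_fp.lower())


def fetch_and_check(host: str, pinned_fp: str, port: int = 443) -> bool:
    """Run the usual CA and hostname validation, then the pin check on top.

    A substituted certificate issued by any CA in the trust store passes
    step 1; only the comparison in step 2 notices it is a different cert.
    """
    ctx = ssl.create_default_context()  # step 1: CA chain + hostname
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
    return pin_matches(der, pinned_fp)  # step 2: is it the pinned cert?


# Constructed stand-ins for two DER certificates naming the same host.
# Assumption: both would chain to a CA the client trusts, so step 1
# alone could not tell them apart.
EXPECTED_CERT = b"constructed-cert: CN=example.test, issuer=CA-A, key=1111"
SUBSTITUTED_CERT = b"constructed-cert: CN=example.test, issuer=CA-B, key=2222"
PINNED = fingerprint(EXPECTED_CERT)

if __name__ == "__main__":
    for name, cert in (("expected", EXPECTED_CERT),
                       ("substituted", SUBSTITUTED_CERT)):
        print(name, "pin ok" if pin_matches(cert, PINNED) else "PIN MISMATCH")
```

`fetch_and_check` needs network access and a real fingerprint recorded over a trusted path; the offline demo only exercises the comparison.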



Encouraging a wider view

Posted Oct 1, 2013 13:51 UTC (Tue) by intgr (subscriber, #39733) [Link]

> they don't need to change any data as part of their MITM

The what? You can't eavesdrop on any modern crypto protocol (including SSL, tcpcrypt) without modifying traffic. Even if the connection is un-authenticated.

> and the new cert that was being presented was 'valid'

They had to swap the certificate. They modified the traffic. The modification was detected. Which was my point.

Encouraging a wider view

Posted Oct 1, 2013 14:55 UTC (Tue) by freemars (subscriber, #4235) [Link]

Exactly. An attacker (let's call her 'Nsa') needs to decrypt packets and re-encrypt them with her faked key. And this needs to be done in real time, or Nsa's cover is blown. This is a DoS attack against Nsa.

Encouraging a wider view

Posted Oct 4, 2013 18:01 UTC (Fri) by elanthis (guest, #6227) [Link]

> And this needs to be done in real time, or Nsa's cover is blown. This is a DoS attack against Nsa.

No. The NSA just needs to store the encrypted packets and then decrypt them later at their leisure. They've already admitted to doing this in many cases.

Let's not also forget that even with a MITM attack, they aren't routing all packets to their buildings for real-time decryption. They're still injecting the code to read the unencrypted traffic into the existing infrastructure (either at the end-points or at a common existing intermediary) and then streaming that data efficiently to their data stores.

There's nothing to DoS.

Encouraging a wider view

Posted Oct 4, 2013 20:06 UTC (Fri) by khim (subscriber, #9252) [Link]

> No. The NSA just needs to store the encrypted packets and then decrypt them later at their leisure.

That's a totally different kind of attack. Almost undetectable, yes, but also millions of billions of times more computationally expensive.

> They've already admitted to doing this in many cases.

They've admitted that they keep encrypted sessions, but nobody knows how many of them they can actually decrypt.

And if they can “decrypt them later at their leisure”, it's still a “DoS attack against NSA” - just somewhat less effective.

> Let's not also forget that even with a MITM attack, they aren't routing all packets to their buildings for real-time decryption.

It's the only way to perform a MITM attack, sorry.

> They're still injecting the code to read the unencrypted traffic into the existing infrastructure (either at the end-points or at a common existing intermediary) and then streaming that data efficiently to their data stores.

There is no "common existing intermediary" if you, e.g., connect to Google from your home, and they need a permit from a court to actually hack your computer. Yes, I know, they can hack Google itself and/or your computer, but now we are at the stage of “an asteroid can kill you at any time, thus it's pointless to watch traffic lights”.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds