> > The most obvious flaw is that when we're talking fiber optics the > eavesdropper might as well be a man in the middle, and so... well, see > the list archive. >
...possibly OT... well-placed but UNCORROBORATED informant sez that day before yesterday (3 dec): 5 hours of CheckFree traffic redirected and likely captured in full half of IP addresses for CheckFree left in place, half re-directed to Ukraine, i.e., partial MITM entirely at the routing protocol layer as is so often the case, slight amateurish fuckup at the Ukrainian end raised the alarm -- would not otherwise have been found for days [the important part] it appears that in the last few hours a method has been ?found/?released that makes possible the MITM completely transparent with all traffic forwarded on as if there was just an extra hop in the path; MITM via an effective attack on routing protocols, per se, would be no joke --dan related... http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-b ill.html http://news.softpedia.com/news/Online-Bill-Payment-Website-Hijacked-99262.shtml --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]