Does anybody think big brother isn't eavesdropping? Jim K Allen Brown wrote: > From /.: > > This is why you use end-to-end encryption, if you care about security at > all, and tor if you care further about traffic analysis... > > At DEFCON, Tony Kapela and Alex Pilosov demonstrated a drastic weakness > in the Internet's infrastructure that had long been rumored, but wasn't > believed practical. They showed how to hijack BGP (the border gateway > protocol) in order to eavesdrop on Net traffic in a way that wouldn't be > simple to detect. Quoting: "'It's at least as big an issue as the DNS > issue, if not bigger,' said Peiter 'Mudge' Zatko, noted computer > security expert and former member of the L0pht hacking group, who > testified to Congress in 1998 that he could bring down the internet in > 30 minutes using a similar BGP attack, and disclosed privately to > government agents how BGP could also be exploited to eavesdrop. 'I went > around screaming my head about this about ten or twelve years ago... We > described this to intelligence agencies and to the National Security > Council, in detail.' The man-in-the-middle attack exploits BGP to fool > routers into re-directing data to an eavesdropper's network." Here's the > PDF of Kapela and Pilosov's presentation. > > <http://it.slashdot.org/article.pl?sid=08/08/27/0141247&from=rss>
_______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
