Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
edit:
October 1st, @01:41AM
| The Internets Biggest Security Hole
quote:
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination. [more]
»blog.wired.com/27bstroke6/2008/0···-in.html |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T Midwest
| This isn't a big surprise.
It is best to work on the assumption that every packet you send is potentially public, and to use encryption where that would be a problem.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.1 |
|
Cabal
Premium
join:2007-01-21
Boston, MA | reply to Dude111
I think we talked about this a while ago. Like, on August 26th. |
|
SUMware
Premium
join:2002-05-21
| said by Cabal  :I think we talked about this a while ago. Like, on August 26th. Exactly! »Internet's Biggest Security Hole - Border Gateway Protocol quote:
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail."
etc... |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA | quote:
"I went around screaming my head about this about ten or twelve years ago....
Must not be that big an issue then? |
|
SUMware
Premium
join:2002-05-21
| said by JohnInSJ :Must not be that big an issue then? Try reading the article. |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·SONIC.NET
| said by SUMware :said by JohnInSJ :Must not be that big an issue then? Try reading the article. Reading is hard. Is there a video on youtube? |
|
JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·SONIC.NET
| reply to Dude111
Yep, ok, I read it.
So, it's still saying anything you send over the internet is not secure (see post #2 above.) This is news? Yes, the specifics of this hole are a little new if you didn't have any idea how packets are routed, but they're not that surprising.
There is nothing to "fear" here. It's just another friendly reminder that your communications isn't secure just by virtue of the transport layer. Having worked in the telco industry for a while, I'm reminded of the early easy switch hacking days (hey, it's Woz!) cell phone scanning, etc. Eventually the telcos managed to get things cleaned up a little bit, but wow were we in danger for a while.
The bigger risk here is the "oops, I broke teh intertubes" effect when every shmo in the usual places attempts to hijack packets. You know, shmos like Pakistan.
Anyway, kids, remember that all your spam email might be readable by bad guys. Consider that the next time you click that Cea1is link.
--
My place : »www.schettino.us |
|
