Law Enforcement Appliance Subverts SSL
- Thread starter Blue Tail
- Start date
I copied and pasted the full article yesterday, here: https://www.icmag.com/ic/showthread.php?t=165957
For those who do not like to click off site links
For those who do not like to click off site links
I saw the wired article almost as soon as it was posted, and my first reaction was to tell my friends and family here.
Norkali
Active member
WE must all begin to realize that there is no anonymity on the internet, it was designed by D.A.R.P.A. after all...everything you enter/type/click on the internet can be monitored by U.S. officials. It is as simple as that. How many people here have heard about the Information Awareness Office, a branch of DARPA? There stated goal is to reach T.I.A., Total Information Awareness. Room 641A anybody?
Believe it or not, this is the official seal of the office:
1984, here we come. I am starting to reconsider using the internet altogether, sadly and seriously.
Believe it or not, this is the official seal of the office:
1984, here we come. I am starting to reconsider using the internet altogether, sadly and seriously.
This appliance isn't practical. Unless law enforcement attaches it between the server and the router, or between the persons network card and their modem. If they can put it in your house you have bigger problems, and anyone running a server will also see it and unplug it.
If it is placed anywhere else, such as the main router for the data center its too much information. There's no way this puny box can inspect all packets simultaneously from 1000 servers. Does it even have a cpu? It doesn't look like it. I see no fan, so if it has a cpu, its a small one, that definitely cannot handle packet inspection of 1000 servers, and millions of browsers attached to those servers. Not to mention if (no, WHEN) it goes down, so will 1000 servers behind it.
If it is placed anywhere else, such as the main router for the data center its too much information. There's no way this puny box can inspect all packets simultaneously from 1000 servers. Does it even have a cpu? It doesn't look like it. I see no fan, so if it has a cpu, its a small one, that definitely cannot handle packet inspection of 1000 servers, and millions of browsers attached to those servers. Not to mention if (no, WHEN) it goes down, so will 1000 servers behind it.
Norkali
Active member
Incorrect, via the Patriot Act and it's relative 'Terrorism Act's'.
saw another article, not on wired but on slashdot, tech nerd site, maybe this was a link to the wired article
but the gist is if the SSl certificate issuer(Verisign i think) is willing to give federal agencies duplicate certificates, then they can play 'man in the middle' on you
issue is how well to do you trust Verisign? for very large grows, not enough i think
for my closet grow? i'm still good on SSL
but the gist is if the SSl certificate issuer(Verisign i think) is willing to give federal agencies duplicate certificates, then they can play 'man in the middle' on you
issue is how well to do you trust Verisign? for very large grows, not enough i think
for my closet grow? i'm still good on SSL
