[VOIPSEC] Governments employing MiTM attacks against SSL
J. Oquendo
sil at infiltrated.net
Tue Apr 20 10:11:50 CDT 2010
T Biehn wrote:
> Disgusting:
> # If you have zero to hide, you have zero to worry about. The logical
> # truth is, so much data need be sifted through, unless - again - you had
> # something to hide, the odds of the government using YOUR data from a
> # MITM attack is highly unlikely.
>
> And obviously you didn't consider the possible attack scenarios very deeply.
>
> -Travis
Really? How does it differ from what's available right now via say
Ettercap. A MITM is a MITM is a MITM. If you're talking about the
possible attack scenarios of the device itself, that too is irrelevant
to me. The odds would be astronomical for someone to "target" one of
these devices as they'd have to know EXACTLY where it's at. So please
explain to me how you would propose someone attack that device? Do you
think someone in the government would outright state "we're using a TAP
here..." in order for someone to attack the device itself... Highly
unlikely.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
More information about the Voipsec
mailing list