
On Wed, Sep 16, 2009 at 5:01 PM, Rich Jones <rich@anomos.info> wrote:
> http://www.reddit.com/r/IAmA/comments/9kwph/i_am_a_guy_who_writes_covert_sof... Thoughts?
>
> Also, I realized that two of the posts I've made to this list have now been reddit-related. Sorry about that. But I'd really like to know what you all make of this. He doesn't give very many specifics, unfortunately. What do you think his 'sidestepping' is?

The hostility on reddit is odd and unfortunate.

The obvious sidestepping is MITM-ing connections for users, then shoving manipulated binaries at them which disable encryption, leak key material, or intercept keystrokes ... or simply performing degradation attacks, either forcing protocols to less secure modes, or simply blocking or massively slowing secure connections to make the user switch to something insecure.

These have the enormous downside of being detectable active attacks. Not something you could afford to apply frequently against the general public unless you were willing to tip off your primary target that you were watching. Then again, with ISPs like Comcast injecting RST packets, would a degradation attack be distinguishable?

Less obvious sidestepping would include things like simply monitoring the remote side with the expectation that they won't be as prudent with security as your primary target.

Black-helicopter mode sidestepping would be having pre-arranged back doors in popular operating systems or client software.

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

participants (1)
- Gregory Maxwell