QUANTUMINSERT "wide stack" covert network communication

coderman coderman at gmail.com
Tue Nov 26 21:03:07 PST 2013


in the discussion regarding well positioned injection points on the
backbone (QUANTUMINSERT) i have not yet seen discussion of using these
well positioned injection points for covert network connections.

consider that you are eavesdropping on return path for a given
un-used, high address space of a third party (a lot of that 15.0.0.0/8
is idle :)

consider that you can inject arbitrary packets into the egress for
same net block (even if upstream, still sufficient to match route).

you can now establish a covert TCP connection appearing to come from
the high space of 15.0.0.0/8, of which HP only sees the returning
(encrypted) martians. (and this assumes they're even watching!)

this "wide stack" approach provides cover via multitudes of idle
address spaces of third parties, while the actual communicators are
hidden.



anxiously awaiting the details on how this is used...

*sacrifices chickens to the "Snowden Release Gatekeepers" (TM)*



More information about the cypherpunks mailing list