Home page logo
/

nanog logo nanog mailing list archives

Re: US internet providers hijacking users' search queries
From: Owen DeLong <owen () delong com>
Date: Sat, 6 Aug 2011 02:14:16 -0700


On Aug 5, 2011, at 6:03 PM, Mark Andrews wrote:


In message <4E3C9228.4050808 () paulgraydon co uk>, Paul Graydon writes:
On 08/05/2011 02:53 PM, Brielle wrote:
Until they start MitM the ssl traffic, fake certs and all.  Didn't a certai
n repressive regime already do this tactic with facebook or some other major 
site?

Syria did: 
https://www.eff.org/deeplinks/2011/05/syrian-man-middle-against-facebook<http
s://www.facebook.com/note.php?note_id=10150178983622358&comments> 

Which is countered by DNSSEC + DANE.  A country may be able to fake everything
under their tld but not the rest of the net.

Unless they start proxying all queries and putting their own trust anchors on all the
results.

Owen

Attachment: smime.p7s
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault