Home page logo

nanog logo nanog mailing list archives

Re: US internet providers hijacking users' search queries
From: Brielle Bruns <bruns () 2mbit com>
Date: Sat, 06 Aug 2011 12:48:12 -0600

On 8/6/11 11:08 AM, Joe Provo wrote:
Belief has nothing to do with it. The article is vaguely referring
to 'search' and incorrectly jumps to https. Disappointing that
nanog readers can't readhttp://www.paxfire.com/faqs.php  and get
a clue, instead all the mouth-flapping about MItM and https. While
collectively encouraging more https is a*good*  thing, it is utterly
tangential and misses the meat of this matter.

Disappointing that certain nanog readers depend on information put out by the vendor to be 100% honest and forthcoming in what their product does.

There's more to hijacking queries/dns/etc then just ISPs mucking with queries. MitM attacks, SSL hijacking, etc is all a valid concern, and completely within the realm of the discussion here and this topic.

As pointed out, there are ISPs and whole countries who have no qualms with doing this type of thing. Further, who cares if the company says their product isn't made or won't do what it may be doing? We all know full well that people use products in ways they aren't meant or intended to be used.

When companies realize that they can't just transparently muck with traffic anymore because 90% of customer traffic is encrypted, do you really think, in all honesty, that companies won't find a way to regain this revenue stream, even if it runs afoul of laws/ethics/etc?

Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]