Re: "I Write Mass Surveillance Software"

On Wed, Sep 16, 2009 at 5:01 PM, Rich Jones <rich@xxxxxxxxxxx> wrote:
> http://www.reddit.com/r/IAmA/comments/9kwph/i_am_a_guy_who_writes_covert_software_that_runs/
> Thoughts?
> Also, I realized that two of the posts I've made to this list have now
> been reddit-related. Sorry about that. But I'd really like to know what you
> all make of this. He doesn't give very many specifics, unfortunately. What
> do you think his 'sidestepping' is?

The hostility on reddit is odd and unfortunate.

The obvious sidestepping is MITM-ing connections for users, then shoving
manipulated binaries at them which disable encryption, leak key
material, or intercept keystrokes ... or simply performing degradation
attacks, either forcing protocols to less secure modes, or simply
blocking or massively slowing secure connections to make the user
switch to something insecure.

These have the enormous downside of being detectable active attacks.
Not something you could afford to apply frequently against the general
public unless you were willing to tip off your primary target that you
were watching. Then again, with ISPs like Comcast injecting RST
packets, would a degradation attack be distinguishable?

Less obvious sidestepping would include things like simply monitoring
the remote side with the expectation that they won't be as prudent
with security as your primary target.

Black-helicopter mode sidestepping would be having pre-arranged back
doors in popular operating systems or client software.