How NSA etc does MITM

Discussion in 'privacy problems' started by CloneRanger, Sep 11, 2013.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    This is "speculation" but shows how it "could" be done

    Block diagram of how in the PDF

    https://s3.amazonaws.com/s3.documentcloud.org/documents/785152/166819124-mitm-google.pdf
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    Although if the user was versed in security and had the proper measures in play that MITM would be a total failure. How?

    Utilize a method whereby you examine the ENTIRE certificate fingerprint (automatically) compared to a KNOWN valid one from previous connections and it would immediately tip you off. There is NO way to create a perfect match (SHA-1) for the actual full fingerprint unless the adversary has stolen and has used/access to the private key for the site certificate. Tough to do. The more security minded sites/connection types establish PFS which disables even a stolen private key.

    The example above is for when you connect to "secure https" type sites. If you are connecting to http sites there is almost no security for those that are "black hatters" with a will. Nothing I do in http is of any importance to me and my vpn tunnel is always encrypted using pfs up to the exit node so I don't care. My .02.
     
  3. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Do they perform MITM against Tor users and under what circumstances would they do it?
     
  4. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
  5. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    The question is....why would the NSA brother doing MITM attacks against me or just a regular Tor user? I'm just using Tor to prevent my ISP from knowing what kind of sites I browse and preventing web sites from knowing my true IP address.
     
Loading...
Thread Status:
Not open for further replies.