nationwide interception of Facebook & webmail login credentials in Tunisia
M J D Brown
mjdb at dorevale.demon.co.uk
Sun Feb 6 17:12:51 GMT 2011
Thank you; that's very helpful - evidently I need to look more deeply
into firewall integrity, though I cannot think that backups, etc, stored
on my NAS would be an attractive target if their extraction involved
significant effort.
Perhaps more worrying is the thought that subverting the NAS firmware
could be worthwhile, considering that the devices might find themselves
in all sorts of interesting places.
The basic question remains: what are the required conditions for a
trustable CA?
Mike.
----- Original Message -----
From: "Matthew Pemble" <matthew at pemble.net>
To: "UK Cryptography Policy Discussion Group"
<ukcrypto at chiark.greenend.org.uk>
Sent: Sunday, February 06, 2011 10:23 AM
Subject: Re: nationwide interception of Facebook & webmail
login credentials in Tunisia
> On 5 February 2011 18:27, M J D Brown <mjdb at dorevale.demon.co.uk>
> wrote:
>
>
>> LAN which
>> is hiding behind a hardware firewall that Shields Up does not
>> penetrate.
>>
>
> Speaking as an ex-pen tester, I'm really not certain that this is a properly
> effective security test ...
>
>
>> Accordingly I approved the request. As a rhetorical question: was I
>> misguided?
>>
>> It would seem that there is a fair consensus that the present system
>> cannot be trusted at a technical level.
>>
>
> But here you know the CA - the NAS - and you have physical control of it.
> You are trusting it for the issue of one certificate. Yes, somebody could
> have subverted the NAS firmware in order to attack you but it is quite a
> significant attack. Does anybody want what you have got that much?
>
>
> Matthew
>
>
> --
> Matthew Pemble
>