[139340] in cryptography@c2.net mail archive


Re: Quantum direct communication: secrecy without key distribution

daemon@ATHENA.MIT.EDU (Jim Youll)
Sat Dec 6 13:54:41 2008

Cc: Nicolas.Williams@sun.com, info@postbiota.org,
	cryptography@metzdowd.com
From: Jim Youll <jim@cr-labs.com>
To: dan@geer.org
In-Reply-To: <20081206000601.8E1B933CF3@absinthe.tinho.net>
Date: Sat, 6 Dec 2008 10:25:46 -0500

On Dec 5, 2008, at 7:06 PM, dan@geer.org wrote:

>> well-placed but UNCORROBORATED informant sez that
> day before yesterday (3 dec):
>
> 5 hours of CheckFree traffic redirected and likely
> captured in full
>
> half of IP addresses for CheckFree left in place, half
> re-directed to Ukraine, i.e., partial MITM entirely
> at the routing protocol layer
>
> [the important part] it appears that in the last few hours
> a method has been ?found/?released that makes possible the
> MITM completely transparent with all traffic forwarded on
> as if there was just an extra hop in the path; MITM via an
> effective attack on routing protocols, per se, would be no joke


The cited articles discuss a much simpler DNS revision with stolen
Netsol credentials on Dec 2, apparently confirmed via their logs.
How sure are you about this informant? Does the person have the  
expertise to say what was said, or was the Dec 2 story reinterpreted  
into the Dec 3 story?
It's too big an issue to leave floating.


[http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-bill.html]:

> It appears hackers were able to hijack the company's Web sites by  
> stealing the user name and password needed to make account changes  
> at the Web site of Network Solutions, CheckFree's domain registrar.  
> Susan Wade, a spokeswoman for the Herndon, Va., based registrar,  
> said that at around 12:30 a.m. Dec. 2, someone logged in using the  
> company's credentials and changed the address of CheckFree's  
> authoritative domain name system (DNS) servers to point CheckFree  
> site visitors to the Internet address in the Ukraine.


- jim

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
