[110326] in North American Network Operators' Group
Re: Security team successfully cracks SSL using 200 PS3's and MD5
daemon@ATHENA.MIT.EDU (Neil)
Fri Jan 2 18:37:57 2009
Date: Fri, 2 Jan 2009 15:37:51 -0800
From: Neil <kngspook@gmail.com>
To: "Joe Greco" <jgreco@ns.sol.net>
In-Reply-To: <200901022329.n02NTuj6063258@aurora.sol.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On Fri, Jan 2, 2009 at 3:29 PM, Joe Greco <jgreco@ns.sol.net> wrote:
>> * Joe Greco:
[snip
>> > Either we take the potential for transparent MitM attacks seriously, or
>> > we do not. I'm sure the NSA would prefer "not." :-)
>>
>> I doubt the NSA is interested in MITM attacks which can be spotted by
>> comparing key material. 8-)
>
> Doubting that the NSA might be interested in any given technique is, of
> course, good for the NSA. Our national security people have been known
> to use imperfect interception technologies when it suits the task at hand.
> Do people here really so quickly forget things? There was a talk on
> Carnivore given in 2000 at NANOG 20, IIRC, and I believe that one of the
> instigating causes of that talk was problems that Earthlink had experienced
> when the FBI had deployed Carnivore there.
>
Naturally. The NSA isn't filled with theorists who want to get the
job done the "right" way. They have a mission to fulfill, and they'll
use whatever tool works to get it done.
