[159262] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (Gary E. Miller)
Wed Jan 2 19:59:17 2013
Date: Wed, 2 Jan 2013 16:59:05 -0800
From: "Gary E. Miller" <gem@rellim.com>
Cc: nanog@nanog.org
In-Reply-To: <CAP-guGVjqw8ZMwy7KHyKYrNFSn8YQN1GDr7jV8Y9J41Z86AB1A@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--Sig_/Eu5W85jpmt6tHI41eS=xOML
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Yo William!
On Wed, 2 Jan 2013 19:42:16 -0500
William Herrin <bill@herrin.us> wrote:
> On Wed, Jan 2, 2013 at 5:43 PM, George Herbert
> <george.herbert@gmail.com> wrote:
> > If push came to shove and minor legalities were not restraining me,
> > I recall (without checking) your domain's emails come to your home,
> > and your DSL or cable line is sniffable, so any of the CA who email
> > URL validators out could be trivially temporarily spoofed (until
> > you read your email and responded) by tapping your data lines. BGP
> > games to snarf your traffic are another venue, possibly not yet
> > even covered by wiretap laws that I know of, though I'm not
> > currently an ISP in a position to personally do that to you.
>=20
> And none of this describes an extraordinary effort? The quote you're
> trying to refute was, "suffer such attacks only with extraordinary
> difficulty on the part of the attacker."
I would say it is pretty easy, and I have caught people doing it many
times. All a hacker needs to do is get a sniffer near your email
traffic. Then they can grab any challange emails sent to any of you
domain contacts. Pretty trvial to do in a coffee shop environment.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
gem@rellim.com Tel:+1(541)382-8588
--Sig_/Eu5W85jpmt6tHI41eS=xOML
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iEYEARECAAYFAlDk19kACgkQBmnRqz71OvM6jQCgzqLJ36fN2F0e38P2SnAG7k95
2HgAoODv5qS2O/B/9fUVTdd9+nf0pAec
=/CxB
-----END PGP SIGNATURE-----
--Sig_/Eu5W85jpmt6tHI41eS=xOML--
