D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] QUANTUM

 

On Wed, 20 Nov 2013, Simon Waters wrote:
Another good reason to use HTTPS.

Https will stop the average 12 year old doing this.

Not so sure. I know a lot of HTTPS is broken, but not to the point where an adversary controlling the cables can inject packets in real time.

That's the whole thing: simply because traffic between Belgacom and LinkedIn and Slashdot goes via Cornwall, GCHQ can just sit there and inject packets when it wants to. At least that's what I understand to have happened.

You can of course do things with forged certificates and routing traffic through your servers, but that is a lot more difficult to do and easier to detect.

Martijn.

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq