Re: [perpass] perens-perpass-appropriate-response-01

Nicholas Weaver <nweaver@ICSI.Berkeley.EDU> Wed, 04 December 2013 17:24 UTC

Return-Path: <nweaver@icsi.berkeley.edu>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B689B1AE316 for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 09:24:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VSzSO5F2uAIz for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 09:24:01 -0800 (PST)
Received: from rock.ICSI.Berkeley.EDU (rock.ICSI.Berkeley.EDU [192.150.186.19]) by ietfa.amsl.com (Postfix) with ESMTP id 8F60B1AE317 for <perpass@ietf.org>; Wed, 4 Dec 2013 09:24:00 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by rock.ICSI.Berkeley.EDU (Postfix) with ESMTP id D60FF2C401E; Wed, 4 Dec 2013 09:23:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at ICSI.Berkeley.EDU
Received: from rock.ICSI.Berkeley.EDU ([127.0.0.1]) by localhost (maihub.ICSI.Berkeley.EDU [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 6UCaTHdZHS6c; Wed, 4 Dec 2013 09:23:57 -0800 (PST)
Received: from gala.icir.org (gala.icir.org [192.150.187.130]) (Authenticated sender: nweaver) by rock.ICSI.Berkeley.EDU (Postfix) with ESMTP id 71A292C4003; Wed, 4 Dec 2013 09:23:57 -0800 (PST)
Content-Type: multipart/signed; boundary="Apple-Mail=_737E5515-DB7C-4EF4-9042-4FD276D577DD"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
In-Reply-To: <529F64F1.1090802@perens.com>
Date: Wed, 4 Dec 2013 09:23:57 -0800
Message-Id: <7A38D549-EFBB-4D59-BDD2-07EEB0E4EFAF@icsi.berkeley.edu>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <5A5B778C-1E8D-49BA-9AB9-8A5C5C9E46F0@icsi.berkeley.edu> <529F64F1.1090802@perens.com>
To: Bruce Perens <bruce@perens.com>
X-Mailer: Apple Mail (2.1510)
Cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, perpass@ietf.org, Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>, Theodore Ts'o <tytso@mit.edu>
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Dec 2013 17:24:02 -0000

On Dec 4, 2013, at 9:22 AM, Bruce Perens <bruce@perens.com> wrote:

> On 12/04/2013 09:19 AM, Nicholas Weaver wrote:
>> All it takes is ONE unencrypted web request across a hostile network for that hostile network to be used to attack the browser.
> And that is one way in to the browser out of many.

Except that it is a primary way that the NSA says is OK, and has a huge attraction to nation states for system exploitation.  Why bother with watering hole attacks etc?

--
Nicholas Weaver                  it is a tale, told by an idiot,
nweaver@icsi.berkeley.edu                full of sound and fury,
510-666-2903                                 .signifying nothing
PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc