Re: [perpass] A reminder, the Network is the Enemy...

Bjoern Hoehrmann <derhoermi@gmx.net> Wed, 20 November 2013 22:44 UTC

Return-Path: <derhoermi@gmx.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66D611AE078 for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 14:44:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.425
X-Spam-Level:
X-Spam-Status: No, score=-2.425 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.525, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e_Zm3SQ_aPYZ for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 14:44:01 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) by ietfa.amsl.com (Postfix) with ESMTP id E99A71AE4C6 for <perpass@ietf.org>; Wed, 20 Nov 2013 14:44:00 -0800 (PST)
Received: from netb.Speedport_W_700V ([91.35.13.37]) by mail.gmx.com (mrgmx103) with ESMTPA (Nemesis) id 0MCL6r-1VrkoC1mE5-009B3q for <perpass@ietf.org>; Wed, 20 Nov 2013 23:43:53 +0100
From: Bjoern Hoehrmann <derhoermi@gmx.net>
To: Ted Lemon <mellon@fugue.com>
Date: Wed, 20 Nov 2013 23:43:36 +0100
Message-ID: <dbeq89lhsqj0krnes41rnrodc6sjmcecr8@hive.bjoern.hoehrmann.de>
References: <9B79CCC3-853E-42F4-8390-ED0EE019C275@icsi.berkeley.edu> <B4A3135B-1391-4794-BE23-D823962C294C@fugue.com>
In-Reply-To: <B4A3135B-1391-4794-BE23-D823962C294C@fugue.com>
X-Mailer: Forte Agent 3.3/32.846
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:jNtuAeVjDCzxdj1KcDt26rgP4LuLuQmfFwAyFyPXEFtoLOjb3hv rfLE3fbab0riAi/In+bSD734mvsVkYUoPFNycPDlC8OScRnSCqnkkwW19ekDPIgGx9JmIZX FtQWFb2xz3f0ANudHMQqRsHnxiT6Mvkn+l0NUC/s9d4x6v6v583+KUg4jnTGHHrKM4dTj8i +j2ft7IGQOg89hHUGjzCQ==
Cc: perpass <perpass@ietf.org>, Nicholas Weaver <nweaver@icsi.berkeley.edu>
Subject: Re: [perpass] A reminder, the Network is the Enemy...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 22:44:03 -0000

* Ted Lemon wrote:
>The thing that hit me from this article that I really just hadn't fully 
>understood previously is that any web site that displays personalized 
>information per user that can be easily parsed now serves as a way to do 
>a targeted attack on an individual or on individuals who work for an 
>organization.
>
>So if you read slashdot or tumblr, for example, both of which display 
>personally identifying information on their home pages if you are logged 
>in, then an MiTM attacker can listen on the link the server is connected 
>to and trigger on HTTP responses to you, and then attack you 
>specifically, without revealing the attack to anyone else.

>This can be mitigated in several ways—obviously https-everywhere will 
>address the problem, but also if the web site simply doesn't display 
>personally identifying information in their outgoing traffic, then the 
>passive attack isn't possible.

Online advertisers are happy to help you identify your targets and put
code on their computers, <http://en.wikipedia.org/wiki/Malvertising>.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/