The Internet’s Biggest Security Hole
at 9:19 pm
on August 26, 2008
in Security, Technology, Tellicommunications
no comments
Via Wired:
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
BGP is nearly the only WAN protocol anyone takes seriously and is the only one meaningfully deployed. BGP is supposed to be authenticated between peers, but apparently not often enough.
Here’s the PDF of Kapela and Pilosov’s presentation.
Leave a Comment...
You must be logged in to post a comment.
Ruan is a resolute technophile that is currently devoted to the professional practice of Information Technology Management. In his free time Ruan pursues various interests including the study of Information Security practices and the exploration of visual culture through contemporary photography and communication design.
- Burglary Ring Uses Facebook to Choose Victims
2:09 pm, September 10, 2010 - IBM embraces Firefox, adopts it internally
9:54 am, July 5, 2010 - Canada Post warns of fraudulent email
7:18 pm, April 26, 2010 - Bank Employee Plants Malware on ATMs
11:46 am, April 9, 2010 - University of Cambridge discovers Chip and PIN verification “wedge” vulnerability
11:41 am, February 15, 2010