On 8/09/13 03:00 AM, Perry E. Metzger wrote:
On Sat, 07 Sep 2013 09:33:28 +0100
Brian Gladman <b...@gladman.plus.com> wrote:
On 07/09/2013 01:48, Chris Palmer wrote:
Q: "Could the NSA be intercepting downloads of open-source
encryption software and silently replacing these with their own
versions?"
Why would they perform the attack only for encryption software? They
could compromise people's laptops by spiking any popular app.
Because NSA and GCHQ are much more interested in attacking
communictions in transit rather than attacking endpoints.
Except, one implication of recent revelations is that stealing keys
from endpoints has been a major activity of NSA in the last decade.
I'm not going to claim that altering patches and software during
download has been a major attack vector they've used for that -- I have
no evidence for the contention whatsoever and besides, endpoints seem
to be fairly vulnerable without such games -- but clearly attacking
selected endpoints is now an NSA passtime.
The eye-opener for me was that they were investing and trying in every
known attack. They are acting like true economic attackers, try
everything, and select the one that generates the best ROI. Just like
the industrialised phishing/hacking gangs that emerged in the 2000s...
iang
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
