David Boyes wrote, in part: >I'm not a security guy either, but I do know a fair amount about the transport >infrastructure used in the Internet core and what gets connected to what and >how.
>Carrier-level surveillance devices such as the ones manufactured by Palantir >Systems >are capable of transparently reconstructing signatures and defeating TLS at >near-wire >speed if given a sufficiently large input sample, and doing it at 100Gbit/sec >or more if >you can afford the pipe and hardware. My folks who are deeply into this stuff have not heard of this, and disbelieve it. Modern encryption is not that easy to defeat, TV and movies notwithstanding. (See https://www.smbc-comics.com/?id=2526 - "Bob Hackerman" is my favorite alias now!) They suggest that you're referring to intranet proxies, which can certainly terminate TLS, but that's not at all the same thing. -- ...phsiii Phil Smith III ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN