I've written up a more detailed take on how active cookie discovery could be used for exploitation targeting...
https://medium.com/p/bb8816e88d86 The real fun bit, however, is: > Yet foreign intelligence agencies can do even better. Want to target every > Senator, every DC staffer, and every lobbyist by name? Do you have their > Gmail addresses, LinkedIn profile, and/or Warcraft player names? Have a > couple of “diplomats” you can afford to get kicked out of the country on the > very remote chance your caught? If so, this one is for you. So the DGSE (the > French version of the NSA) should listen up. Using packet injection on the WiFi at the local starbucks... Enjoy this brave new world. Fun times all, fun times. -- Nicholas Weaver it is a tale, told by an idiot, [email protected] full of sound and fury, 510-666-2903 .signifying nothing PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
