On Thu, Dec 12, 2013 at 12:59 PM, Nicholas Weaver <[email protected] > wrote:
> I've written up a more detailed take on how active cookie discovery could > be used for exploitation targeting... > > https://medium.com/p/bb8816e88d86 > > The real fun bit, however, is: > > > Yet foreign intelligence agencies can do even better. Want to target > every Senator, every DC staffer, and every lobbyist by name? Do you have > their Gmail addresses, LinkedIn profile, and/or Warcraft player names? Have > a couple of “diplomats” you can afford to get kicked out of the country on > the very remote chance your caught? If so, this one is for you. So the DGSE > (the French version of the NSA) should listen up. > > Using packet injection on the WiFi at the local starbucks... > I would note that attack at this level does not really qualify as "pervasive". And that there are sizeable technical differences between doing injection on a WiFi link and doing injection in, say, an OC-192. So we should not regard passive and active attack as equivalent. --Richard > > Enjoy this brave new world. Fun times all, fun times. > > -- > Nicholas Weaver it is a tale, told by an idiot, > [email protected] full of sound and fury, > 510-666-2903 .signifying nothing > PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc > > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass > >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
