On Thu, Mar 13, 2014 at 11:13 AM, Jason Iannone jason.iann...@gmail.com wrote:
And remain undetected? That's a nontrivial task and one that I would
suspect generates interesting CPU or other resource utilization anomalies.
It's a pretty high risk activity. The best we can hope for is someone
On Thu, Mar 13, 2014 at 1:57 AM, coderman coder...@gmail.com wrote:
https://s3.amazonaws.com/s3.documentcloud.org/documents/1076891/there-is-more-than-one-way-to-quantum.pdf
TAO implants were deployed via QUANTUMINSERT to targets that were
un-exploitable by _any_ other means.
And Schneier's
On Thu, Mar 13, 2014 at 9:17 AM, Jason Iannone jason.iann...@gmail.com wrote:
Are there details regarding Hammerstein? Are they actually breaking
routers?
Cisco makes regular appearances on Bugtraq an Full Disclosure. Pound
for pound, there's probably more exploits for Cisco gear than Linux
and
The First Look article is light on details so I don't know how one gets
from infect[ing] large-scale network routers to perform[ing]
exploitation attacks against data that is sent through a Virtual Private
Network. I'd like to better understand that.
On Thu, Mar 13, 2014 at 7:22 AM, Jeffrey
You get the routers to create valid-looking certificates for the endpoints, to
mount man-in-the-middle attacks.
On Mar 13, 2014, at 6:28 , Jason Iannone jason.iann...@gmail.com wrote:
The First Look article is light on details so I don't know how one gets from
infect[ing] large-scale network
And remain undetected? That's a nontrivial task and one that I would
suspect generates interesting CPU or other resource utilization anomalies.
It's a pretty high risk activity. The best we can hope for is someone
discovering the exploit and publicly dissecting it.
On Thu, Mar 13, 2014 at
Greg Rose g...@seer-grog.net writes:
You get the routers to create valid-looking certificates for the endpoints,
to mount man-in-the-middle attacks.
This is relatively easy for home routers, since the self-signed certs they're
configured with are frequently CA certs. In other words they ship