On 04/23/2015 01:56 AM, David Stainton wrote:
> It is possible to add a "prevention" mechanism to HoneyBadger; an
> event based firewall ruleset generator made to block TCP injection
> attacks as they are happening... yes. This is possible. I could
write
> that if there was interest from enoug
>> TCP injection attacks are not the same as man-in-the-middle
>> attacks... but rather are categorized as man-on-the-side. The
>> difference is important because MoS is *much* cheaper for these
>> various (not just NSA) entities to execute. MoS means you do not
>> have to pwn a route endpoint at t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for your reply
David Stainton wrote:
> Yes and no. HTTPS/Onion services prevents successful TCP injection
> attacks when the attacker doesn't know the key material...
> therefore to make this claim about HTTPS in general seems rather
> sketchy
Yes and no. HTTPS/Onion services prevents successful TCP injection
attacks when the attacker doesn't know the key material... therefore
to make this claim about HTTPS in general seems rather sketchy given
that many CA's have been pwn'ed (and subpoena'ed?) in the past.
TCP injection attacks are not
hi,
Am 22.04.2015 um 20:41 schrieb David Stainton:
> Did you all see this Wired article about Quantum Insert detection?
>
> https://www.wired.com/2015/04/researchers-uncover-method-detect-nsa-quantum-insert-hacks
proof me wrong but wouldn't the use of a HTTPS/OnionAddress render this
attack uses
Greetings,
Did you all see this Wired article about Quantum Insert detection?
https://www.wired.com/2015/04/researchers-uncover-method-detect-nsa-quantum-insert-hacks
These TCP injection attacks are used by various entities around the
world (not just NSA!) to target individuals for surveillance