Interesting People mailing list archives
Re: Internet security flaw exposes private data
From: Dave Farber <dfarber () me com>
Date: Sat, 16 Jan 2010 15:00:19 -0500
From: "Abe Singer" <abe () oyvay nu> To: "David Farber" <dave () farber net> Date: January 16, 2010 12:32:56 PM EST Subject: Re: [IP] Internet security flaw exposes private data Dr. Farber, For IP if you like... From what I can tell in the article and a few others I googles, this is not any sort of a new vulnerability, this was just the same old man-in-the-middle "attack" that any tcp session (at the ip/tcp layer) is vulnerable to. The problem highlited in this case is the flawed assumption that the Internet backbone and providers provide a trusted path. I (and others) have said for years that one cannot trust a network one does not control. (Whether one can trust a network they *do* control is a different discussion). We use SSL for precisely that reason (sidestepping for the moment usability/trust issues with PKI). -- AbeBegin forwarded message: From: "Charley Kline" <csk () mail com> Subject: Internet security flaw exposes private data SAN FRANCISCO – A Georgia mother and her two daughters logged onto Facebook from mobile phones last weekend and wound up in a startling place: strangers' accounts with full access to troves of private information. The glitch — the result of a routing problem at the family's wireless carrier, AT&T — revealed a little known security flaw with far reaching implications for everyone on the Internet, not just Facebook users. The problem had nothing specific to do with Facebook. It is a more general problem. See http://news.yahoo.com/s/ap/20100116/ap_on_hi_te/us_tec_facebook_at_t_glitch
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Internet security flaw exposes private data David Farber (Jan 16)
- <Possible follow-ups>
- Internet security flaw exposes private data Dave Farber (Jan 16)
- Internet security flaw exposes private data Dave Farber (Jan 16)
- Re: Internet security flaw exposes private data Dave Farber (Jan 16)
- Internet security flaw exposes private data Dave Farber (Jan 16)