Dailydave mailing list archives
Re: tubes clogged
From: Petja van der Lek <lek () xs4all nl>
Date: Mon, 29 Dec 2008 19:54:57 +0100
Drat! A JPEG image. We all know that censored documents are *supposed* to be created using the Acrobat mark up tool, right? It's not fair. But, guesses are free, so here's mine. "...their research required massive computational resources that had to be utilized within a specific window of time": indicates some form of brute-force cryptokey cracking. "a practical attack that affects the security of all Internet users": crypto technology in use by *all* Internet users would be SSL. So we'd likely be talking about HTTPS or possibly some (vendor specific) SSL-VPN implementation. "The main result of our proof of concept attack is that we are in the possession of...": indicates a disclosure vulnerability, rather than anything DoS-like. "Their research combined a known weakness in one area with a massive resource investment in another...": more clues, leading to the conclusion below. So, I'd say we're looking at some sort of transparent MITM SSL snooping attack. Traffic would be intercepted using your garden-variety BGP trickery, and some brute-force cracking is used to exploit an OpenSSH flaw or a vendor-specific SSL-VPN implementation bug. As proof, Alex and Jacob will be putting John Chambers' emails on display. Any points scored? Cheers, Lek. H D Moore wrote:
On Monday 29 December 2008, Alexander Sotirov wrote:I hereby grant the security community permission to freely speculate about the details of our latest research: http://events.ccc.de/congress/2008/Fahrplan/track/Hacking/3023.en.htmlLess speculation and more justification for the secrecy: http://www.breakingpointsystems.com/community/ -HD _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- tubes clogged Alexander Sotirov (Dec 29)
- Re: tubes clogged Jared DeMott (Dec 29)
- Re: tubes clogged J. Oquendo (Dec 29)
- Re: tubes clogged Can Erkin Acar (Dec 29)
- Re: tubes clogged Jess Kitchen (Dec 29)
- Re: tubes clogged J. Oquendo (Dec 29)
- Re: tubes clogged H D Moore (Dec 29)
- Re: tubes clogged Petja van der Lek (Dec 29)
- Re: tubes clogged Fyodor (Dec 29)
- Re: tubes clogged Jess Kitchen (Dec 29)
- Re: tubes clogged Thorsten Holz (Dec 30)
- Re: tubes clogged dan (Dec 30)
- Re: tubes clogged Paul Melson (Dec 30)
- Re: tubes clogged Petja van der Lek (Dec 29)
- Re: tubes clogged Jared DeMott (Dec 29)
- MD5 Considered Harmful Today: Creating a rogue CA certificate Alexander Sotirov (Dec 30)
- Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Charles Miller (Dec 30)
- Re: MD5 Considered Harmful Today: Creating a rogue CA certificate Thomas Ptacek (Dec 30)