Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet's core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy. The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail."
News source: More @ Wired Blog Network
Last edited by Tikitiki on 27 Aug 2008 - 22:28
but this is only for 'non-secure' stuff right? ... like they cant screw with your internet data as long as it's secure from what i can tell from reading that article.
seems like it's got to be standard non SSL related stuff for them to screw with you, right?
or is this the dawn of a new internet.
and it may force all you 40 year olds living in your mothers basment to find other means of ordering pizza and talking to you lvl 60 elf commander NOOOOOOOO how will you live how will your elf army stay together your mages will never downloiad the new spells and patches noooo!!!
LOL internet is internet yes i would cry if it went down after a massive attack but the internet is getting overloaded by all this stuff on there now anyway ... the internet is still young and what happens if you drop a brick on a baby? that right it hurts the poor git then you get attack by child services ....
Never know...they might have better job offers. The best hackers...get paid the best.
Know they're out to get me with all the WMD's in our garage.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.