I don't work in networking, but seeing as most traffic is encrypted these days, does passing through unfriendly hardware matter as much as back in the days of plaintext everything? Sure they can drop packets, but they can't tamper/read it, or is there something I'm missing?
> […] but they can't tamper/read it, or is there something I'm missing?
You could redirect traffic temporarily to get a Let's Encrypt (ACME) certificate issued and then use it to pretend to be some important site. Redirect attacks have been done in the past:
> Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service providers, then shaking it down for as many bitcoins as possible.
This type of attack is why LE does "Multi-Perspective Validation":
> A potential issue with this process is that if a network attacker can hijack or redirect network traffic along the validation path (for the challenge request, or associated DNS queries), then the attacker can trick a CA into incorrectly issuing a certificate. This is precisely what a research team from Princeton demonstrated can be done with an attack on BGP. Such attacks are rare today, but we are concerned that these attacks will become more numerous in the future.
If you direct a CA's traffic through your server, you can answer the HTTP or DNS queries that prove domain ownership. And lots of people click past warnings because an IT disruption isn't a day off if they can work around it
Russia could easily “convince” a CA based in their country to do them a favour to facilitate MITM. Or just gather the right kompromat needed to convince one overseas.
Yes, but doing it intentionally isn't as simple as one might think. First, BGP generally prefers the shortest path and yours is going to be a little long, so unless the best original path is very long you need on some transit provider to use policy-based routing and trust you as transit. Second, if you want the traffic to pass through your hardware you have to have sufficient bandwidth, otherwise you'll just trigger packet loss and disrupt service (fine if disruption is your goal, not so fine if you want the traffic to pass through your hardware). Third, some people use signed routes, which also complicates your job.
> First, BGP generally prefers the shortest path and yours is going to be a little long, so unless the best original path is very long you need on some transit provider to use policy-based routing and trust you as transit.
the article states:
> The leaked route is likely preferable because of a localpref setting which would prefer sending traffic for free through a peer regardless of the AS path length, over paying to send traffic through a transit provider.
There are measures to prevent or at least mitigate that, like RPKI. But having a sensible improvement doesn’t mean that everyone is using it, look at IPv6.
Those protocols weren’t designed for privacy or financial transactions. Those things have just been kludged on top.
No one back then designed those protocols for our use cases today.
Ask rather why we haven’t upgraded all the hardware that supports all those old protocols? So that these protocols could also be updated and modernised.
We won’t replace electricity but we’ll build on top of it. Electricity is fundamentally the same since ever: copper wires transport it and it flows between two poles.
That’s a bit what C is - the basis of other languages and for that it works fine. We abstract up the chain of complexity.
There will always be a fundamental basis for all technology and it will never be perfect. Tesla would have preferred to use DC currents, instead we have AC which is more dangerous.
Readit News
You could redirect traffic temporarily to get a Let's Encrypt (ACME) certificate issued and then use it to pretend to be some important site. Redirect attacks have been done in the past:
> Among all the scams and thievery in the bitcoin economy, one recent hack sets a new bar for brazenness: Stealing an entire chunk of raw internet traffic from more than a dozen internet service providers, then shaking it down for as many bitcoins as possible.
* https://archive.is/http://www.wired.com/2014/08/isp-bitcoin-...
This type of attack is why LE does "Multi-Perspective Validation":
> A potential issue with this process is that if a network attacker can hijack or redirect network traffic along the validation path (for the challenge request, or associated DNS queries), then the attacker can trick a CA into incorrectly issuing a certificate. This is precisely what a research team from Princeton demonstrated can be done with an attack on BGP. Such attacks are rare today, but we are concerned that these attacks will become more numerous in the future.
* https://letsencrypt.org/2020/02/19/multi-perspective-validat...
If you direct a CA's traffic through your server, you can answer the HTTP or DNS queries that prove domain ownership. And lots of people click past warnings because an IT disruption isn't a day off if they can work around it
> First, BGP generally prefers the shortest path and yours is going to be a little long, so unless the best original path is very long you need on some transit provider to use policy-based routing and trust you as transit.
the article states:
> The leaked route is likely preferable because of a localpref setting which would prefer sending traffic for free through a peer regardless of the AS path length, over paying to send traffic through a transit provider.
No one back then designed those protocols for our use cases today.
Ask rather why we haven’t upgraded all the hardware that supports all those old protocols? So that these protocols could also be updated and modernised.
That’s a bit what C is - the basis of other languages and for that it works fine. We abstract up the chain of complexity.
There will always be a fundamental basis for all technology and it will never be perfect. Tesla would have preferred to use DC currents, instead we have AC which is more dangerous.
Deleted Comment
Deleted Comment