US internet providers hijacking users' search queries
Mark Andrews
marka at isc.org
Sat Aug 6 01:03:36 UTC 2011
In message <4E3C9228.4050808 at paulgraydon.co.uk>, Paul Graydon writes:
> On 08/05/2011 02:53 PM, Brielle wrote:
> > Until they start MitM the ssl traffic, fake certs and all. Didn't a certai
> n repressive regime already do this tactic with facebook or some other major
> site?
> >
> Syria did:
> https://www.eff.org/deeplinks/2011/05/syrian-man-middle-against-facebook<http
> s://www.facebook.com/note.php?note_id=10150178983622358&comments>
Which is countered by DNSSEC + DANE. A country may be able to fake everything
under their tld but not the rest of the net.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG
mailing list