Security team successfully cracks SSL using 200 PS3's and MD5

Neil kngspook at gmail.com
Fri Jan 2 17:37:51 CST 2009


On Fri, Jan 2, 2009 at 3:29 PM, Joe Greco <jgreco at ns.sol.net> wrote:
>> * Joe Greco:
[snip
>> > Either we take the potential for transparent MitM attacks seriously, or
>> > we do not.  I'm sure the NSA would prefer "not."  :-)
>>
>> I doubt the NSA is interested in MITM attacks which can be spotted by
>> comparing key material. 8-)
>
> Doubting that the NSA might be interested in any given technique is, of
> course, good for the NSA.  Our national security people have been known
> to use imperfect interception technologies when it suits the task at hand.
> Do people here really so quickly forget things?  There was a talk on
> Carnivore given in 2000 at NANOG 20, IIRC, and I believe that one of the
> instigating causes of that talk was problems that Earthlink had experienced
> when the FBI had deployed Carnivore there.
>

Naturally.  The NSA isn't filled with theorists who want to get the
job done the "right" way.  They have a mission to fulfill, and they'll
use whatever tool works to get it done.




More information about the NANOG mailing list