huawei
Rich Kulawiec
rsk at gsp.org
Sat Jun 15 12:13:50 UTC 2013
First: this is a fascinating discussion. Thank you.
Second:
On Sat, Jun 15, 2013 at 01:56:34AM -0500, Jimmy Hess wrote:
> There will indeed be _plenty_ of ways that a low bit rate channel
> can do everything the right adversary needs.
>
> A few bits per second is plenty of data rate for sending control
> commands/rule changes to a router backdoor mechanism, stealing
> passwords, or leaking cryptographic keys required to decrypt the VPN
> data stream intercepted from elsewhere on the network, leaking
> counters, snmp communities, or interface descriptions, or
> criteria-selected forwarded data samples, etc....
I was actually thinking much slower: a few bits per *day*. Maybe slower yet.
(So what if it takes a month to transmit a single 15-character password?)
For people who think in terms of instant gratification, or perhaps,
in next-quarter terms, or perhaps, in next-year terms, that might be
unacceptable. But for people who think in terms of next-decade or
beyond, it might suffice.
And if the goal is not "get the password for router 12345" but "get as
many as possible", then a scattered, random, slow approach might yield
the best results -- *because* it's scattered, random, and slow.
---rsk