[olug] OT: Internet traffic was routed via Chinese servers

Nate M nate at bluddclot.com
Fri Nov 19 16:51:28 UTC 2010


On Wed, 2010-11-17 at 15:30 -0500, Luke-Jr wrote:
> On Tuesday, November 16, 2010 02:12:24 pm Kevin D. Snodgrass wrote:
> > http://www.washingtontimes.com/news/2010/nov/15/internet-traffic-was-routed
> > -via-chinese-servers/
> > 
> > Feel all warm and fuzzy now?
> 
> Not so long after Mozilla gave them root CA access by default, so they can 
> spoof any SSL sites without being detected...

Well that's the same for most governments. My understanding is that all
they need is to cooperation from a CA authority that your system is set
to 'trust' and they can pretty much spoof whatever URL they want. 

A very rough estimate:
$ ls /etc/ssl/certs/|wc 
    288     288    6351

It's safe to assume that any SSL connection is vulnerable to snooping
unless your using software that is specifically configured to only trust
a CA you control.



More information about the OLUG mailing list