NSA Poses as Legitimate Websites for Man in the Middle Attacks

September 13th, 2013

When you’re connected to .mil’s PSYOP ISP, you may get a ‘special’ version of the Internet.

U.S. Has Secret Tools to Force Internet on Dictators

Via: Cnet:

Here’s one of the latest tidbits on the NSA surveillance scandal (which seems to be generating nearly as many blog items as there are phone numbers in the spy agency’s data banks).

Earlier this week, Techdirt picked up on a passing mention in a Brazilian news story and a Slate article to point out that the US National Security Agency had apparently impersonated Google on at least one occasion to gather data on people. (Mother Jones subsequently pointed out Techdirt’s point-out.)

Brazilian site Fantastico obtained and published a document leaked by Edward Snowden, which diagrams how a “man in the middle attack” involving Google was apparently carried out.

A technique commonly used by hackers, a MITM attack involves using a fake security certificate to pose as a legitimate Web service, bypass browser security settings, and then intercept data that an unsuspecting person is sending to that service. Hackers could, for example, pose as a banking Web site and steal passwords.

Posted in Covert Operations, Dictatorship, Infrastructure, Surveillance, Technology | Top Of Page

Leave a Reply

You must be logged in to post a comment.