Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Anyone can intercept SSH some of the time (Score 3, Interesting) 191

by phantomfive (#48686067) Attached to: Snowden Documents Show How Well NSA Codebreakers Can Pry

They have fake certificates from trusted authorities for some major sites, and use MITM attacks to serve up fake pages with them. We know that GCHQ loves doing the latter, so it's a question of working out which certificate authorities have been compromised and deleting them. We can also potentially defend against this by using more certificate pinning and warnings which certificates change unexpectedly, as well as distributed certificate checks (to make sure the one you get is the same one everyone else gets).

I don't think so because not many people use trusted authorities with SSH. (In fact I've never heard of anyone doing that, but surely there are people who do). Most likely the NSA just sits there sniffing traffic that goes by, waiting until there's an SSH to a new box (which actually happens a lot, every time you reinstall or something), then begin sniffing. After that they have the password and everything, so the attack can expand.

Comment: Re:Hysteria (Score 3, Interesting) 191

by phantomfive (#48686015) Attached to: Snowden Documents Show How Well NSA Codebreakers Can Pry
The article is merely listing tools. I expect that if we have a spy agency, they will use the tools available to spy. That is what a spy agency does. If you're outraged that a spy agency actually does spy, then you're probably addicted to outrage or something.

The problem with the NSA isn't that they are spying, it isn't that they know how to decrypt SSL or mount a MITM attack; the problem with the NSA is they are spying on everybody. Limit the spying to only enemies of the US, and only the paranoid will be outraged.

Comment: Anyone can intercept SSH some of the time (Score 4, Informative) 191

by phantomfive (#48685957) Attached to: Snowden Documents Show How Well NSA Codebreakers Can Pry
If you ever get the warning:

The authenticity of host '...' can't be established. RSA key fingerprint is .... Are you sure you want to continue connecting (yes/no)?

That's ssh letting you know that a man-in-the-middle attack could be successfully launched at you, and decrypt all your communication.

Comment: Re:Get on my level (Score 1) 177

by Runaway1956 (#48685681) Attached to: Know Your Type: Five Mechanical Keyboards Compared

Uhhhh - wow. That one looks pretty damned slick. The backlight shines THROUGH the keys, right? Double shot mold, you've got the clear plastic inside, opaque outside, so the letters/numbers will never wear off. You've got me seriously tempted on that one. $150? Not right now, right after Christmas, but maybe in a month.

Yeah, I touch type all the time, but sometimes, I do lose my place on the keyboard. So, I keep a light on beside the desk because the monitors aren't bright enough to show the faded out letters on my keyboard.

Lighting for the sake of cool doesn't cut it with me, but THIS lighting looks useful.

One last question - that thing feels like an IBM springy while you're typing - or close to it, at least? I'm almost sold here. Thanks for the link!

Imagination is more important than knowledge. -- Albert Einstein