1 comment

[ 3.4 ms ] story [ 11.0 ms ] thread
From the linked article:

>The slide suggests the presenter hoped to reach out to American superhackers – the NSA’s “Tailored Access Operations” group – for a more specialized operation: “I am working with TAO to further examine the possibility for a Man on the Side operation.”

And from an earlier article (http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa...) from Schneier:

>To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target's browser to visit a Foxacid server.

It seems that MITM attacks are a relatively general purpose tool. Tor users --excuse me, terrorists-- Brazilian petroleum companies, and other "new [targets] to develop"... Who's next on the list of "[targets] to develop"? I would have thought MITM attacks were a more closely held technique, but it seems they're routinely deployed.