W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2015

RE: Re: On the european response to Snowden

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Thu, 29 Jan 2015 19:47:29 -0000
To: "'Joseph Lorenzo Hall'" <joe@cdt.org>
Cc: "'David Singer'" <singer@apple.com>, <djweitzner@csail.mit.edu>, "'Rigo Wenning'" <rigo@w3.org>, "'Nicholas Doty'" <npdoty@w3.org>, <public-privacy@w3.org>
Message-ID: <41cd01d03bfc$6ea726f0$4bf574d0$@baycloud.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Joe,

It is not only NSA/GCHQ we should worry about co-opting the DNS infrastructure, any criminal can set up fake WiFi servers and use DHCP to deliver a bad DNS server address, then send requests to bogus sites or monitor traffic with MITM intercepts.  

Mike


> -----Original Message-----
> From: Joseph Lorenzo Hall [mailto:joe@cdt.org]
> Sent: 29 January 2015 15:19
> To: Mike O'Neill
> Cc: David Singer; djweitzner@csail.mit.edu; Rigo Wenning; Nicholas Doty;
> public-privacy@w3.org
> Subject: Re: Re: On the european response to Snowden
> 
> While I think some of the rhetoric is a bit over the top, folks might
> also be interested in this recent paper from the GNUnet folks that
> describes a newly-revealed NSA program to monitor DNS and then goes
> into analysis of various technical efforts to update DNS
> infrastructure (it's a bit depressing, actually):
> 
> https://gnunet.org/sites/default/files/mcb-en.pdf
> 
> On Thu, Jan 29, 2015 at 5:06 AM, Mike O'Neill
> <michael.oneill@baycloud.com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Here are a couple of projects looking into virtual identity, privacy enabling and
> secure networking, there are others. Hopefully people involved with them can
> chime in here.
> >
> > https://gnunet.org/
> >
> > http://blog.privacytrust.eu/public/Reports/NewDigitalSecurityModels.pdf
> >
> > https://ind.ie/about/manifesto/
> >
> > http://en.wikipedia.org/wiki/DNSCurve
> >
> >
> >
> >
> >
> >
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.13 (MingW32)
> > Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/
> > Charset: utf-8
> >
> >
> iQEcBAEBAgAGBQJUyjBTAAoJEHMxUy4uXm2J4CgIAJRPL5g2jFOvfuQbYJg8Pab7
> >
> XPqKmJPYF505gidGoD7cFVGFPXfBUWKOhkZyTS4qSwIQqglVaxphDra5mhdrBwo
> H
> > yki6c485rN+f9JS2tpjseq8W1COzqUa9akegxn4piyvhfW4u8DvshWOHctiBlGfv
> > CBg5P3BzCKLJxGsA8Z4oOGs+6AGIEloSv3GX8At6b4GxN7QNZPbND+J/I/eb0OeJ
> >
> QCVTWJJngcaNzWK9XArHyhpZ5nLIvwRp3s4PCMYOsbku/+dDKGDYxtnKCu0t1R/e
> > 5ID3qx4/m+N7gaIxLoBL1TSDlF6oErT1DyPblr2bh4dRtcs+X54Tw65PnVaM/Nk=
> > =tAc+
> > -----END PGP SIGNATURE-----
> 
> 
> 
> --
> Joseph Lorenzo Hall
> Chief Technologist
> Center for Democracy & Technology
> 1634 I ST NW STE 1100
> Washington DC 20006-4011
> (p) 202-407-8825
> (f) 202-637-0968
> joe@cdt.org
> PGP: https://josephhall.org/gpg-key
> fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/
Charset: utf-8

iQEcBAEBAgAGBQJUyo5QAAoJEHMxUy4uXm2JbHMH/0WNHR9pkSlNKn6B7MuxDjzI
W0aVX9oR1kPQmQD3xnvjn2e95clxQqBp78QcPEoUdH5QjrUv+c+vX7eoKd5Lf+oC
UySdHuOcUGQPHlVUTNd9UcQd41SN4Gx0/SulsOuUd8yUTGVx2M/oxzyj+79IHa7F
FpOY8u+sJgjqwNCwgWDYO+FuDtjUnV2iHAnFuXSNf6TaEwChMJ7dCZzgXSVnaTtt
JurfByKWMdzeE27nFx/SpjPay3lf6YD3gase/7XKZYxtY/5ElZ0KnlDrTzUuwcBL
4O+AX+vxIumS7FQIB85vaYw84+e7846RBe/NHfQFHCvF4Dc2edYKRskLwHp4O5Y=
=DqNN
-----END PGP SIGNATURE-----
Received on Thursday, 29 January 2015 19:49:23 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 January 2015 19:49:23 UTC