- From: Mike O'Neill <michael.oneill@baycloud.com>
- Date: Thu, 29 Jan 2015 19:47:29 -0000
- To: "'Joseph Lorenzo Hall'" <joe@cdt.org>
- Cc: "'David Singer'" <singer@apple.com>, <djweitzner@csail.mit.edu>, "'Rigo Wenning'" <rigo@w3.org>, "'Nicholas Doty'" <npdoty@w3.org>, <public-privacy@w3.org>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Joe, It is not only NSA/GCHQ we should worry about co-opting the DNS infrastructure, any criminal can set up fake WiFi servers and use DHCP to deliver a bad DNS server address, then send requests to bogus sites or monitor traffic with MITM intercepts. Mike > -----Original Message----- > From: Joseph Lorenzo Hall [mailto:joe@cdt.org] > Sent: 29 January 2015 15:19 > To: Mike O'Neill > Cc: David Singer; djweitzner@csail.mit.edu; Rigo Wenning; Nicholas Doty; > public-privacy@w3.org > Subject: Re: Re: On the european response to Snowden > > While I think some of the rhetoric is a bit over the top, folks might > also be interested in this recent paper from the GNUnet folks that > describes a newly-revealed NSA program to monitor DNS and then goes > into analysis of various technical efforts to update DNS > infrastructure (it's a bit depressing, actually): > > https://gnunet.org/sites/default/files/mcb-en.pdf > > On Thu, Jan 29, 2015 at 5:06 AM, Mike O'Neill > <michael.oneill@baycloud.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Here are a couple of projects looking into virtual identity, privacy enabling and > secure networking, there are others. Hopefully people involved with them can > chime in here. > > > > https://gnunet.org/ > > > > http://blog.privacytrust.eu/public/Reports/NewDigitalSecurityModels.pdf > > > > https://ind.ie/about/manifesto/ > > > > http://en.wikipedia.org/wiki/DNSCurve > > > > > > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.13 (MingW32) > > Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/ > > Charset: utf-8 > > > > > iQEcBAEBAgAGBQJUyjBTAAoJEHMxUy4uXm2J4CgIAJRPL5g2jFOvfuQbYJg8Pab7 > > > XPqKmJPYF505gidGoD7cFVGFPXfBUWKOhkZyTS4qSwIQqglVaxphDra5mhdrBwo > H > > yki6c485rN+f9JS2tpjseq8W1COzqUa9akegxn4piyvhfW4u8DvshWOHctiBlGfv > > CBg5P3BzCKLJxGsA8Z4oOGs+6AGIEloSv3GX8At6b4GxN7QNZPbND+J/I/eb0OeJ > > > QCVTWJJngcaNzWK9XArHyhpZ5nLIvwRp3s4PCMYOsbku/+dDKGDYxtnKCu0t1R/e > > 5ID3qx4/m+N7gaIxLoBL1TSDlF6oErT1DyPblr2bh4dRtcs+X54Tw65PnVaM/Nk= > > =tAc+ > > -----END PGP SIGNATURE----- > > > > -- > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > joe@cdt.org > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (MingW32) Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/ Charset: utf-8 iQEcBAEBAgAGBQJUyo5QAAoJEHMxUy4uXm2JbHMH/0WNHR9pkSlNKn6B7MuxDjzI W0aVX9oR1kPQmQD3xnvjn2e95clxQqBp78QcPEoUdH5QjrUv+c+vX7eoKd5Lf+oC UySdHuOcUGQPHlVUTNd9UcQd41SN4Gx0/SulsOuUd8yUTGVx2M/oxzyj+79IHa7F FpOY8u+sJgjqwNCwgWDYO+FuDtjUnV2iHAnFuXSNf6TaEwChMJ7dCZzgXSVnaTtt JurfByKWMdzeE27nFx/SpjPay3lf6YD3gase/7XKZYxtY/5ElZ0KnlDrTzUuwcBL 4O+AX+vxIumS7FQIB85vaYw84+e7846RBe/NHfQFHCvF4Dc2edYKRskLwHp4O5Y= =DqNN -----END PGP SIGNATURE-----
Received on Thursday, 29 January 2015 19:49:23 UTC